Vulnerabilidades em Eclipse Foundation
104 resultadosCVE-2024-10525HIGHEclipse Mosquito: Heap Buffer Overflow in my_subscribe_callbackEPSS 57.9%CVE-2026-7411CRITICALIn Eclipse BaSyx Java Server SDK versions prior to 2.0.0-milestone-10, inadequate path normalization in the Submodel HTTP API allows an unauEPSS 3.7%CVE-2017-7650—In Mosquitto before 1.4.12, pattern based ACLs can be bypassed by clients that set their username/client id to '#' or '+'. This allows localEPSS 2.5%CVE-2023-4759HIGHImproper handling of case insensitive filesystems in Eclipse JGit allows arbitrary file writeEPSS 1.9%CVE-2017-7649—The network enabled distribution of Kura before 2.1.0 takes control over the device's firewall setup but does not allow IPv6 firewall rules EPSS 1.6%CVE-2024-0740CRITICALEclipse Target Management <= 4.5.500 Command InjectionEPSS 1.2%CVE-2023-4760HIGHRemote Code Execution in Eclipse RAP on WindowsEPSS 1.0%CVE-2024-8184MEDIUMJetty ThreadLimitHandler.getRemote() vulnerable to remote DoS attacksEPSS 1.0%CVE-2024-6763LOWJetty URI parsing of invalid authorityEPSS 1.0%CVE-2024-6762LOWJetty PushSessionCacheFilter can cause remote DoS attacksEPSS 0.9%CVE-2024-9823MEDIUMJetty DOS vulnerability on DosFilterEPSS 0.9%CVE-2024-2452HIGHInteger wraparound, under-allocation, and heap buffer overflow in Eclipse ThreadX NetX Duo __portable_aligned_alloc()EPSS 0.9%CVE-2024-10838HIGHInteger Underflow in DDS_Security_Deserialize_ methods may lead to OOB readEPSS 0.9%CVE-2025-2258MEDIUMEclipse ThreadX NetX Duo HTTP server single PUT request integer underflowEPSS 0.8%CVE-2025-2259MEDIUMEclipse ThreadX NetX Duo component HTTP server single PUT request integer underflowEPSS 0.8%CVE-2025-2260HIGHEclipse ThreadX NetX Duo HTTP component server denial of serviceEPSS 0.8%CVE-2026-2586CRITICALAn authenticated Remote Code Execution (RCE) vulnerability was identified in GlassFish's Administration Console. A user with access to the pEPSS 0.8%CVE-2023-4043MEDIUMParsson DoS when parsing numbers from untrusted sourcesEPSS 0.8%CVE-2024-3935MEDIUMEclipse Mosquito: Double free vulnerabilityEPSS 0.8%CVE-2025-7962MEDIUMIn Jakarta Mail versions prior to 2.0.2 it is possible to perform an SMTP Injection by utilizing the \r and \n UTF-8 characters to separate EPSS 0.8%