Thu May 9 2024 14:14:50 EDT
Hide Search Description
202 bugs found.
ID Product Comp Assignee Status Resolution Summary Changed
538320 RCPTT ECL rcptt-inbox UNCO --- RSE: security warning 2018-08-27
547007 z_Archiv BIRT Birt-Build-inbox NEW --- [SECURITY] HTTP Resolution of dependencies in build expose BIRT build to MITM attack compromise 2020-01-10
409439 z_Archiv BIRT Birt-ReportEngine-inbox NEW --- Security Vulnarabilities in BIRT 4.2.2 2020-01-10
429944 z_Archiv BIRT Birt-ReportEngine-inbox NEW --- ReportEngine IllegalArgumentException when a securityManager is set in JVM 2016-10-03
531688 z_Archiv BIRT Birt-ReportViewer-inbox NEW --- Report viewer is vulnerable to cross-site scripting 2020-01-10
551468 z_Archiv BIRT Birt-ReportViewer-inbox NEW --- BIRT: Reflected XSS in Viewer frameset servlet parameter names 2020-01-10
553684 EPP jee-pack epp.packager-inbox NEW --- Virus scan of Eclipse package reports Java/CVE-2011-3544.dn malware 2021-09-20
573118 Equinox Security equinox.security-inbox NEW --- Secure Storage uses weak PBE with MD5/DES as default algorithm 2023-02-21
513625 Kapua General kapua-inbox NEW --- Should we enable gzip compression on the HTTP server instances? 2020-01-13
547008 Orion (A Deployme orion.server-inbox NEW --- [SECURITY] HTTP Resolution of dependencies in build expose Orion build to MITM attack compromise 2020-01-10
566169 Platform IDE platform-runtime-inbox NEW --- Code Injection in Eclipse macOS desktop client 2021-09-20
531823 Platform SWT platform-swt-inbox NEW --- Insecure DLL loading (swt-[gdip-]win32*.dll) 2020-01-24
535855 Vertx Core vulnerability.reports-inbox NEW --- VertX - CSRF Protection Bypass 2018-06-13
559604 z_Archiv Orb vulnerability.reports-inbox NEW --- glassfish iiop protocal unserializable remote code execute 2022-06-06
580018 Californ Scandium vulnerability.reports-inbox NEW --- Denial-of-Service vulnerability in the DTLS stack 2022-07-29
581048 Communit Vulnerab vulnerability.reports-inbox NEW --- about javafx plug 2022-11-14
410861 Hudson Core winston.prakash NEW --- LDAP: Server field validation error appears in multiple LDAP fields 2016-06-14
577471 WTP Sour wst.dtd wst.dtd-inbox NEW --- XXE in DTD Parser/Validator 2021-11-26
519169 andmore Core d_a_carver ASSI --- XXE Vulnerability found in Eclipse 2020-01-10
522431 z_Archiv BIRT Birt-ReportEngine-inbox ASSI --- Known security vulnerabilities in OSGi runtime 2020-05-01
510211 Virgo unknown fwaibel ASSI --- Virgo downloads include a vulnerable version of Spring 2020-01-20
581199 Communit Vulnerab vulnerability.reports-inbox ASSI --- In Eclipse Mosquitto 2.0.15,unauthenticated clients stil can cause excessive memory use 2023-10-18
553067 RAP RWT rap-inbox RESO FIXE Accidental XSS possible with HTML MARKUP_ENABLED in RAP 2020-01-02
573743 Communit Vulnerab webmaster RESO FIXE The Eclipse Security Mailing list is publicly accessible! 2021-05-25
367533 Communit Website phoenix.ui-inbox RESO FIXE Reset Password allows to hijack accounts for SSH access (and other options) 2012-03-22
574386 z_Archiv Mylyn akurtakov RESO FIXE Vulnerabilities discovered in third-party content 2021-11-10
569855 Platform User Ass andrew_johnson RESO FIXE Vulnerability in Eclipse livehelp. 2021-06-22
577157 MAT Core andrew_johnson RESO FIXE Jetty CVE-2021-34429 2022-04-28
582260 MAT Core andrew_johnson RESO FIXE MAT 1.14.0 BouncyCastle CVE-2023-33201 2023-11-10
582476 MAT Core andrew_johnson RESO FIXE MAT 2023-09+ CVE-2021-28170 2023-11-20
582631 MAT Core andrew_johnson RESO FIXE Validate XML report files against schema and restrict external entity access. 2023-12-11
367638 Jetty server boulay RESO FIXE Denial of Service attack ocert-2011-003 / CVE-2011-4461 2012-03-05
575281 Californ Californ cf-inbox RESO FIXE 2.0 - 2.6 : DTLS vulnerability not verifying the server certificate, when ServerKeyExchange is not signed 2021-08-24
320424 Platform User Ass cgold RESO INVA [Webapp][Security] More vulnerabilities based on the topic parameter 2011-06-10
320967 Platform User Ass cgold RESO FIXE [Test][Security] Tests for security related bugs 2011-06-10
329582 Platform User Ass cgold RESO FIXE [Webapp][Security] Eclipse Help Server XSS 2011-09-29
330026 Platform User Ass cgold RESO FIXE [Webapp][Security] Fix for Eclipse 3.6.2 Eclipse Help Server XSS 2011-06-10
551596 Che General che-inbox RESO FIXE Remote Code Execution Vulnerability in Web Interface 2019-12-19
424827 Communit Website chris.guindon RESO FIXE Potential XSS vulnerability on /downloads page. 2015-04-13
428032 Communit Website chris.guindon RESO FIXE Multiple XSS on site_login 2014-09-29
570105 Wakaama Core code RESO FIXE A null pointer reference exists in the wakaama project. 2021-09-20
337878 Jetty server david.a.jencks RESO WORK Jetty security handler fails to restrict GET method when handling servlets 2011-04-08
435095 Data Too releng dtp.enablement-inbox RESO FIXE HIPP jobs are SSHing to build.eclipse.org and storing passwords in config files 2014-05-20
438006 ECF ecf.prot ecf.core-inbox RESO FIXE [XMPP] Update to Smack 4 2016-12-03
509799 EPP java-pac epp.packager-inbox RESO FIXE Symantec reports a Trojan SONAR.AM.C!g24 in eclipse 2020-10-02
325902 Equinox Launcher equinox.launcher-inbox RESO FIXE [launcher] Windows LoadLibrary search cwd DLL exploit 2011-06-10
332980 Equinox Launcher equinox.launcher-inbox RESO WONT win32 java.library.path problems 2019-05-14
329193 Equinox Server-S equinox.server-side-inbox RESO FIXE [Webapp] Possible security issue with JSP code exposure. 2012-09-26
546816 z_Archiv BIRT guans RESO FIXE Reflected XSS vulnerability in the __format URL parameter 2019-08-10
543626 Paho MQTT icraggs RESO FIXE Possible Vulnerabilities in Eclipse paho.mqtt.c 2021-05-03
527966 JDT UI jdt-ui-inbox RESO NOT_ Eclipse startup error dialog if user installs Bouncy Castle into their JDK installation. 2017-11-30
526392 Platform User Ass kalyan_prasad RESO FIXE JSP source is shown if extension is not matching exactly (case-sensitive) 2020-03-30
510249 Kura Core kura.core-inbox RESO FIXE Eclipse Kura uses a vulnerable version of Apache Commons Fileupload 2019-03-27
534108 Communit Marketpl marketplace-inbox RESO FIXE The site marketplace.eclipse.org only supports TLS 1.0 security 2019-02-13
570090 Communit Vulnerab martin.lowe RESO FIXE OBB-1677065 - XSS vuln for eclipse.org 2021-01-25
558633 MAT Core mat.core-inbox RESO FIXE Deserialization issues 2021-02-26
572718 MAT Core mat.core-inbox RESO FIXE 4th party library issue 2021-06-22
549191 OMR General omr-inbox RESO FIXE RPATHs on AIX 2019-09-16
549192 OMR General omr-inbox RESO FIXE Loop Versioner 2019-09-16
545588 openj9 General openj9-inbox RESO FIXE Crash on unverifiable bytecode 2019-04-22
549601 openj9 General openj9-inbox RESO FIXE Loop Versioner 2019-07-30
552129 openj9 General openj9-inbox RESO FIXE Dump creation 2019-10-16
563998 openj9 General openj9-inbox RESO FIXE Undefined return value 2020-10-22
569763 openj9 General openj9-inbox RESO FIXE Stack buffer overflow 2021-02-18
571856 openj9 General openj9-inbox RESO FIXE Use of ConstantPool may not initialize class 2021-04-21
576395 openj9 General openj9-inbox RESO FIXE OpenJ9 must throw IllegalAccessError for MethodHandles that invoke inaccessible interface methods 2021-10-20
579744 openj9 General openj9-inbox RESO FIXE OpenJ9 allows unverified methods to be invoked using MethodHandles 2022-04-22
421726 Communit Website phoenix.ui-inbox RESO FIXE [Security] SQL injection in http://www.eclipse.org/membership/scripts/get_image.php 2013-11-14
421759 Communit Website phoenix.ui-inbox RESO FIXE [security] SQL injection in [http://eclipse.org/membership/showMember.php] By Shahmeer Amir and Rafay Baloch 2013-11-14
421875 Communit Website phoenix.ui-inbox RESO FIXE Vulnerabilities on http://www.eclipse.org/‏ 2013-11-21
427830 Communit Website phoenix.ui-inbox RESO FIXE XSS vulnerability on www.eclipse.org 2014-02-12
443883 Communit Website phoenix.ui-inbox RESO FIXE [site_login] Password change should invalidate all active sessions 2015-05-06
474575 Communit Website phoenix.ui-inbox RESO FIXE The website may allow automated account creation. 2015-08-31
548634 Communit Website phoenix.ui-inbox RESO WORK ECA status is not updated even after signing it after multiple trie./ 2019-06-27
571477 Platform Releng platform-releng-inbox RESO FIXE API key in build job definition shell script 2021-03-02
551680 Platform User Ass Platform-UI-Inbox RESO FIXE [Webapp][Security] XSS in query param of webapp war file 2019-10-02
421700 Communit Project portal-inbox RESO FIXE Reflected XSS - https://dev.eclipse.org/portal/myfoundation/tests/explore.php 2013-11-14
538142 z_Archiv BIRT rvinjamu RESO FIXE Security bug - RCE in BIRT viewer example 2021-06-25
458571 WTP Sour wst.dtd thatnitind RESO FIXE XXE in DTD Parser/Validator 2020-07-15
328795 Equinox Framewor tjwatson RESO FIXE [Webapp] Possible security issue with JSP code exposure. 2012-09-05
328975 Equinox Framewor tjwatson RESO FIXE [Webapp] Possible security issue with JSP code exposure. 2013-12-20
378977 Equinox Framewor tjwatson RESO FIXE [Webapp] Possible security issue with JSP code exposure. - backport to 3.5.2+ 2012-05-09
378979 Equinox Framewor tjwatson RESO FIXE [Webapp] Possible security issue with JSP code exposure. backport for 3.4.2+ 2012-09-26
390491 Equinox Server-S tjwatson RESO FIXE [Webapp] Possible security issue with JSP code exposure. 2012-09-27
570582 z_Archiv m2e tony.homer RESO FIXE Update bundled guava and any guava dependencies to 30.0+ 2021-04-19
516765 Communit Vulnerab vulnerability.reports-inbox RESO FIXE CVE-2017-7650: Eclipse Mosquitto ACL security issue 2018-02-25
529754 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Mosquitto Server Shutdown Attack 2018-04-24
530102 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Reloading Mosquitto configuration may fail if no file descriptors are available 2018-04-25
530629 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Security vulnerability found in OpenJ9 project 2018-03-02
532113 Communit Vulnerab vulnerability.reports-inbox RESO FIXE CVE-2017-7653: Eclipse Mosquitto does not validate topic strings 2019-01-23
533258 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Californium/Leshan DTLS PSK identity oracle 2021-09-29
533493 Communit Vulnerab vulnerability.reports-inbox RESO FIXE CVE-2017-7654: Mosquitto Broker DoS through a Memory Leak vulnerability 2019-01-23
533775 Communit Vulnerab vulnerability.reports-inbox RESO FIXE CVE-2017-7655: Potential NULL Dereference vulnerability in Mosquitto Library 2019-03-27
534589 Communit Vulnerab vulnerability.reports-inbox RESO FIXE OpenJ9 Vulnerabilities 2018-08-14
536038 Communit Vulnerab vulnerability.reports-inbox RESO FIXE CVE-2018-12537: vert.x: Improper neutralization of CRLF sequences allows remote attackers to inject arbitrary HTTP response headers 2018-08-14
539170 Communit Vulnerab vulnerability.reports-inbox RESO FIXE WebSocket HTTP upgrade implementation buffers the full http request before doing the handshake 2019-02-01
539171 Communit Vulnerab vulnerability.reports-inbox RESO FIXE The StaticHandler does not properly neutralize forward slashes 2019-02-01
539295 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Remote crash in Mosquitto 1.5 to 1.5.2 2019-02-01
539568 Communit Vulnerab vulnerability.reports-inbox RESO FIXE The OpenAPI XML type validator creates XML parsers without taking appropriate defense against XML attacks 2019-02-01
540550 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Password change should invalidate all user sessions 2018-11-02
540989 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Che build incorporates binaries downloaded over http -- potential MITM risk. 2021-10-03
541870 Communit Vulnerab vulnerability.reports-inbox RESO FIXE mosquitto: An empty ACL file grant all permissions to clients 2019-02-08
543127 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Access Control Violation via Retained Message in Eclipse Mosquitto 2019-02-08
543401 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Blank username allows Mosquitto Security Bypass 2019-02-08
543792 Communit Vulnerab vulnerability.reports-inbox RESO FIXE OpenJ9 OpenSSL natives are public 2019-02-01
544019 Communit Vulnerab vulnerability.reports-inbox RESO FIXE OpenJ9 may fail to null check the receiver of an unsafe call 2019-02-08
544089 Communit Vulnerab vulnerability.reports-inbox RESO INVA Memory Overflow 2019-02-04
544819 Communit Vulnerab vulnerability.reports-inbox RESO FIXE DTLS server - buffer overflow leading to crash (dtls_create_cookie) 2020-01-09
544824 Communit Vulnerab vulnerability.reports-inbox RESO FIXE DTLS server - buffer overflow leading to crash (dtls_update_parameters) 2020-01-13
546053 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Eclipse hawkBit: New CVE Request 2019-05-09
546121 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Jetty CVE Request: DefaultServlet / ResourceHandler XSS 2023-08-31
546576 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Jetty CVE Request: Information Reveal - Windows Directory Listings 2022-10-06
546577 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Jetty CVE Request: Information Reveal - DefaultHandler 2023-09-11
546622 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Eclipse Vorto: New CVE Request 2019-05-09
546996 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Eclipse Xtext/Xtend: New CVE Request 2019-05-06
547734 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Eclipse Buildship: New CVE Request 2020-01-10
551206 Communit Vulnerab vulnerability.reports-inbox RESO INVA CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG) 2020-01-10
551747 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Arbitrary File Read Abusing The `mini-browser` Extension 2020-03-12
552542 Communit Vulnerab vulnerability.reports-inbox RESO FIXE XSS in Memory Analyzer plugin for Eclipse 2020-01-17
561109 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Javascript injection via notification messages in Theia IDE 2021-08-16
561375 Communit Vulnerab vulnerability.reports-inbox RESO WONT [science.dawnsci] Insecure unmarshling using XMLDecoder leading to RCE 2021-09-20
561430 Communit Vulnerab vulnerability.reports-inbox RESO INVA Out of Bound Pointer in Mosquitto 1.6.9 2021-08-16
562121 Communit Vulnerab vulnerability.reports-inbox RESO MOVE EL parser bug allow bypass of EL expression escaping 2021-05-26
562724 Communit Vulnerab vulnerability.reports-inbox RESO NOT_ bug in eclipse 202003 version can be vulnerable to Command Injection 2021-09-20
564984 Communit Vulnerab vulnerability.reports-inbox RESO FIXE CVE Request: Jetty Corrupt Response Buffer 2022-03-14
565671 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Mosquitto Windows Service Unquoted Path vulnerability 2020-08-11
567068 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Hono's AMQP adapter does not check/limit incoming message size 2021-09-20
567213 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Vulnerability in Mosquitto configuration file parsing 2023-03-31
567416 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Eclipse Vert.x StaticHandler doesn't correctly process back slashes 2020-10-29
567921 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Jetty vulnerable to temporary directory hijacking 2020-10-22
568018 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Theia "mini-browser" extension RCE exploit 2021-09-01
570289 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Eclipse hawkBit CVE request: Improper escaping of JSON response field 2021-09-20
571411 Communit Vulnerab vulnerability.reports-inbox RESO FIXE security - LFI on eclipse.org/mylyn 2021-03-02
572218 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Jetty 100% CPU upon receiving a large invalid TLS Frame 2021-04-01
572219 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Jetty Ambiguous Paths can access WEB-INF 2021-04-01
572220 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Jetty Symlink Directory Exposes Webapp Directory Contents 2021-04-01
572608 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Mosquitto: CVE request - NULL pointer dereference on crafted CONNACK 2021-08-05
573389 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Jetty Utility Servlets Double Decoding Information Disclosure Vulnerability 2021-06-08
574146 Communit Vulnerab vulnerability.reports-inbox RESO FIXE Jetty SessionListener can prevent a session from being invalidated breaking logout. 2021-06-28
575924 Communit Vulnerab vulnerability.reports-inbox RESO FIXE XSS in @theia/plugin-ext webview 2022-01-14
579644 Communit Vulnerab vulnerability.reports-inbox RESO WORK "log4Shell" vulnerabilities still exist in Eclipse Dependencies 2022-04-21
580084 Communit Vulnerab vulnerability.reports-inbox RESO INVA Jenkins URL exposed 2022-06-07
580118 Communit Vulnerab vulnerability.reports-inbox RESO NOT_ Reflected XSS On isencia.com 2022-06-09
429494 Communit Bugzilla webmaster RESO FIXE https://bugs.eclipse.org/bugs/ is vulnerable to CVE-2009-3555 2018-02-07
513268 Communit Wiki webmaster RESO FIXE Open Redirection vulnerability in wiki.eclipse.org 2017-03-21
559719 Communit Bugzilla webmaster RESO MOVE Bug in mosquittos MQTT password file parser allows adversaries to modify the loaded password file instance and authenticate as another client. 2020-01-31
446937 Hudson Core winston.prakash RESO WONT Security: check various security flaws 2019-05-14
453797 Hudson Core winston.prakash RESO WONT [Security] A user with only Job Read and Build privileges can see the default password stored against a password parameter 2019-05-14
454558 Hudson Core winston.prakash RESO WONT [Security] A malicious user can find usernames by vectors on loadUserByUsername 2019-05-14
454560 Hudson Core winston.prakash RESO WONT [Security] x site scripting vulnerability 2019-05-14
458276 Hudson Core winston.prakash RESO WONT [Security] a deleted user who is authenticated in a browser can still build jobs etc.. 2019-05-14
464047 Hudson Core winston.prakash RESO WONT Password in Query or Cookie Data 2019-05-14
491838 Hudson Core winston.prakash RESO WONT Two security vulnerabilities 2019-05-14
573993 Viatra Common zoltan.ujhelyi RESO FIXE Username Compromised using jenkins 2021-09-23
319344 Platform User Ass cgold VERI FIXE [Webapp][Security] Phishing on help application 2011-06-10
320547 Platform User Ass cgold VERI FIXE [Webapp][Security] Misuse of /topic/file 2011-06-10
320548 Platform User Ass cgold VERI FIXE [Webapp][Security] Ability to read files not in bundles 2011-06-10
549934 Paho MQTT icraggs VERI FIXE Request for CVE in known hostname validation vulnerability in the MQTT library 2019-09-17
438901 Platform SWT niraj.modi VERI FIXE Style PASSWORD | READ_ONLY without BORDER displays plain text password 2014-08-28
317055 Platform User Ass platform-ua-inbox VERI FIXE [Webapp][Security] URLEncode url requests from local users 2011-06-10
577341 Platform Debug sarika.sinha VERI FIXE Security Issue -- Applications using XMLMemento are vulnerable to XXE Attack 2024-03-01
336767 z_Archiv BIRT zqian VERI FIXE Security Issue in BIRT Viewer 2014-03-19
421097 Communit Website chris.guindon CLOS FIXE Open redirect 2015-05-25
571428 Communit CI-Jenki ci.admin-inbox CLOS FIXE [Security] Unauthorized users could access agent logs 2021-02-23
487014 JGit JGit egit.core-inbox CLOS DUPL Support for CodeCommit via HTTPS 2016-02-03
463809 EMFStore ServerCo emfstore.servercore-inbox CLOS FIXE [Security] addInitialParticipant remote method allows privilege escalation 2015-05-11
323511 Equinox Framewor equinox.framework-inbox CLOS DUPL launcher starts wrong application 2012-03-22
575688 Equinox p2 equinox.p2-inbox CLOS MOVE Prevent downloading artifacts over unencrypted HTTP by default 2024-02-09
425195 z_Archiv Paho icraggs CLOS NOT_ The Paho Java client does not perform peer verification on the connected socket 2019-08-07
572161 Communit Website jakub.mazanek CLOS MOVE Some staging website is exposed. 2021-12-23
361316 Jetty server janb CLOS FIXE DoS attack from similar hash values 2012-03-22
333959 Virgo snaps milesg78 CLOS FIXE cross-site scripting vulnerability 2012-01-16
395246 Gemini.W unknown milesg78 CLOS FIXE Access to forbidden directories can be granted 2013-01-02
578193 openj9 General openj9-inbox CLOS FIXE Delete PR 2023-02-13
527762 Communit Website phoenix.ui-inbox CLOS DUPL Cross site scripting 2017-11-27
223539 Platform User Ass platform-ua-inbox CLOS WONT [Webapp][Security] Vulnerability discovered in Eclipse. 2019-11-14
575011 Platform UI Platform-UI-Inbox CLOS NOT_ CPU is full 2021-07-26
546046 Communit Vulnerab roger CLOS INVA Mosquitto server allows connecting with random PSK credentials if TLS is configured with no 'require_certificate' parameter 2019-12-19
547372 Communit Bugzilla roger CLOS MOVE Mosquitto broker and client default to TLS_AES_256_GCM_SHA384 with tls1.3 2020-12-15
535667 Communit Vulnerab vulnerability.reports-inbox CLOS FIXE Jetty: CVE Request: HTTP/0.9 Request Smuggling 2023-11-09
536018 Communit Vulnerab vulnerability.reports-inbox CLOS FIXE Jetty: CVE Request: FileBasedSessionStore Session Stealing 2023-08-10
544323 Communit Vulnerab vulnerability.reports-inbox CLOS WORK [installer] mosquitto-1.5.6-install-windows-x86.exe has detected virus 2019-09-17
544852 Communit Vulnerab vulnerability.reports-inbox CLOS MOVE Releases were & are built/executed/tested/released in the context of insecure/untrusted code 2021-12-23
548244 Communit Vulnerab vulnerability.reports-inbox CLOS MOVE Vulnerability within Oracle Mojarra JSF v2.2 and v2.3 2021-12-23
549491 Communit Vulnerab vulnerability.reports-inbox CLOS MOVE mosquitto 2019-07-24
549525 Communit Vulnerab vulnerability.reports-inbox CLOS MOVE State Machine Flaws, POODLE and Padding Oracles in Scandium 2021-12-23
550943 Communit Vulnerab vulnerability.reports-inbox CLOS FIXE Mojarra multiple directory traversal issues 2021-08-16
551423 Communit Vulnerab vulnerability.reports-inbox CLOS FIXE repo.locationtech.org Only Supports TLS 1.1 Which is Unsecure 2020-01-10
563784 Communit Vulnerab vulnerability.reports-inbox CLOS WONT Mojarra RESOURCE_EXCLUDES filtering bypass 2021-08-16
563881 Communit Vulnerab vulnerability.reports-inbox CLOS MOVE Unauthorized response topic 2021-12-23
563882 Communit Vulnerab vulnerability.reports-inbox CLOS FIXE Unauthorized retained message 2021-08-30
568803 Communit Vulnerab vulnerability.reports-inbox CLOS MOVE Vulnerability in TinyDTLS 2021-12-23
571233 Communit Vulnerab vulnerability.reports-inbox CLOS FIXE Security Leak Information: Maven Password‏ 2021-03-01
574141 Communit Vulnerab vulnerability.reports-inbox CLOS FIXE Remote crash in Mosquitto 2.0.7 when publish topic length is 0 2021-08-22
574325 Communit Vulnerab vulnerability.reports-inbox CLOS MOVE [iot.tinydtls] Infinite loop during handshake for TinyDTLS 2021-12-23
574327 Communit Vulnerab vulnerability.reports-inbox CLOS MOVE Buffer over-read bug in the function dtls_sha256_update 2021-12-23
574921 Communit Vulnerab vulnerability.reports-inbox CLOS MOVE Broken TLS server certificate validation in Eclipse ioFog agent 2021-12-23
575324 Communit Vulnerab vulnerability.reports-inbox CLOS MOVE Mosquitto broker with Dynamic Security Plugin may lead to access control failure 2021-12-23
577337 Communit Vulnerab vulnerability.reports-inbox CLOS MOVE The eclip.se URL shortener also shortens external links 2021-12-23
580391 Communit Vulnerab vulnerability.reports-inbox CLOS FIXE RCE on the default configuration of BIRT Viewer 2023-03-15
580460 Communit Vulnerab vulnerability.reports-inbox CLOS FIXE Xss vulnerability - /downloads-viewer.php?s= 2022-08-02
580566 Communit Vulnerab vulnerability.reports-inbox CLOS FIXE Description : You are using Swagger ui to share api docs, which uses DomPurify which is vulnerable to insecure input validation and overall your domain becomes vulnerable to Reflected XSS 2022-08-22
202 bugs found.
CSV Feed iCal

as