Filtered by vendor Eclipse
Total: 256 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-55094 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-24 | 7.5 High |
| In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_icmpv6_validate_options() when handling a packet with ICMP6 options. | ||||
| CVE-2025-55087 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-24 | 7.5 High |
| In NetX Duo's SNMP addon versions before 6.4.4, a part of the Eclipse Foundation ThreadX, an attacker could cause an out-of-bound read with crafted SNMPv3 security parameters. | ||||
| CVE-2025-55093 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-24 | 5.3 Medium |
| In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_packet_receive() when handling unicast DHCP messages that could cause corruption of 4 bytes of memory. | ||||
| CVE-2025-55092 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-24 | 5.3 Medium |
| In Eclipse Foundation NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _nx_ipv4_option_process() when processing an IPv4 packet with the timestamp option. | ||||
| CVE-2025-55086 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-24 | 9.8 Critical |
| In NetX Duo versions before 6.4.4, a networking support module for Eclipse Foundation ThreadX, in the DHCPv6 client there was an unchecked index when extracting the server DUID from the server reply. With a crafted packet, an attacker could cause an out of memory read. | ||||
| CVE-2025-55100 | 1 Eclipse | 2 Threadx Usbx, Usbx | 2025-10-23 | 9.1 Critical |
| In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio10_sam_parse_func() when parsing a list of sampling frequencies. | ||||
| CVE-2025-55098 | 1 Eclipse | 2 Threadx Usbx, Usbx | 2025-10-23 | 6.1 Medium |
| In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_device_type_get() when parsing a descriptor of a USB audio device. | ||||
| CVE-2025-55099 | 1 Eclipse | 2 Threadx Usbx, Usbx | 2025-10-23 | 6.1 Medium |
| In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_alternate_setting_locate() when parsing a descriptor with attacker-controlled frequency fields. | ||||
| CVE-2025-55097 | 1 Eclipse | 2 Threadx Usbx, Usbx | 2025-10-23 | 6.1 Medium |
| In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_audio_streaming_sampling_get() when parsing a descriptor of a USB streaming device. | ||||
| CVE-2025-55096 | 1 Eclipse | 2 Threadx Netx Duo, Threadx Usbx | 2025-10-23 | 6.1 Medium |
| In USBX before 6.4.3, the USB support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in _ux_host_class_hid_report_descriptor_get() when parsing a descriptor of a USB HID device. | ||||
| CVE-2025-55079 | 1 Eclipse | 1 Threadx | 2025-10-22 | 5.5 Medium |
| In Eclipse ThreadX before version 6.4.3, the thread module has a setting of maximum priority. In some cases the check of that maximum priority wasn't performed; as a result, a thread could be obtained with a higher priority than expected, causing a possible denial of service. | ||||
| CVE-2025-55080 | 1 Eclipse | 1 Threadx | 2025-10-22 | 7.1 High |
| In Eclipse ThreadX before 6.4.3, when memory protection is enabled, syscall parameter verification was insufficient, allowing an attacker to obtain an arbitrary memory read/write. | ||||
| CVE-2025-55078 | 1 Eclipse | 1 Threadx | 2025-10-21 | 5.5 Medium |
| In Eclipse ThreadX before version 6.4.3, an attacker can cause a denial of service (crash) by providing a pointer to a reserved or unmapped memory region. Vulnerable system calls had a check of pointers, but that check wasn't verifying whether the pointer is outside the module memory region. | ||||
| CVE-2025-55091 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-21 | 6.5 Medium |
| In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in the _nx_ip_packet_receive() function when receiving an Ethernet frame with type set as IP but no IP data. | ||||
| CVE-2025-55090 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-21 | 6.5 Medium |
| In NetX Duo before 6.4.4, the networking support module for Eclipse Foundation ThreadX, there was a potential out of bound read issue in the _nx_ipv4_packet_receive() function when receiving an Ethernet frame with less than 4 bytes of IP packet. | ||||
| CVE-2025-55084 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-21 | 5.3 Medium |
| In NetX Duo versions before 6.4.4, a component of Eclipse Foundation ThreadX, there was an incorrect bound check in _nx_secure_tls_proc_clienthello_supported_versions_extension() in the extension version field. | ||||
| CVE-2025-55082 | 1 Eclipse | 1 Threadx Netx Duo | 2025-10-21 | 5.3 Medium |
| In NetX Duo version before 6.4.4, the component of Eclipse Foundation ThreadX, there was a potential out of bound read in _nx_secure_tls_process_clienthello() because of a missing validation of PSK length provided in the user message. | ||||
| CVE-2024-43787 | 2 Eclipse, Hono | 2 Hono, Hono | 2025-09-17 | 5 Medium |
| Hono is a Web application framework that provides support for any JavaScript runtime. Hono CSRF middleware can be bypassed using a crafted Content-Type header. MIME types are case insensitive, but isRequestedByFormElementRe only matches lower-case. As a result, an attacker can bypass the CSRF middleware using an upper-case form-like MIME type. This vulnerability is fixed in 4.5.8. | ||||
| CVE-2025-4447 | 2 Eclipse, Redhat | 2 Openj9, Enterprise Linux | 2025-09-05 | 7.8 High |
| In Eclipse OpenJ9 versions up to 0.51, when used with OpenJDK version 8 a stack based buffer overflow can be caused by modifying a file on disk that is read when the JVM starts. | ||||
| CVE-2021-28165 | 5 Eclipse, Jenkins, Netapp and 2 more | 28 Jetty, Jenkins, Cloud Manager and 25 more | 2025-08-27 | 7.5 High |
| In Eclipse Jetty 7.2.2 to 9.4.38, 10.0.0.alpha0 to 10.0.1, and 11.0.0.alpha0 to 11.0.1, CPU usage can reach 100% upon receiving a large invalid TLS frame. | ||||