EUVD-2025-19382

Malicious code in bioql PyPI...

CVE-2025-6705

A vulnerability in the Eclipse Open VSX Registry’s automated publishing system could have allowed unauthorized uploads of extensions. Specifically, the system’s build scripts were executed without proper isolation, potentially exposing a privileged token. This token enabled the publishing of new...

Eclipse Open VSX 安全漏洞

Eclipse Open VSX is an open source registry of code extensions for Eclipse Open Source. A security vulnerability exists in Eclipse Open VSX that stems from a lack of sandboxing restrictions for CI jobs, which could lead to a service account takeover...

Eclipse Open VSX 安全漏洞

Eclipse Open VSX is an open source registry of code extensions for Eclipse open source. A security vulnerability exists in Eclipse Open VSX versions v0.9.0 through v0.20.0, which stems from the /user/namespace/namespace/details API that allows a user to edit all namespace details, even if the use...

CVE-2024-3933 Eclipse Open J9 With -Xgc:concurrentScavenge on IBM Z, could write/read outside of a buffer

In Eclipse OpenJ9 release versions prior to 0.44.0 and after 0.13.0, when running with JVM option -Xgc:concurrentScavenge, the sequence generated for System.arrayCopy on the IBM Z platform with hardware and software support for guarded storage 1, could allow access to a buffer with an incorrect...