How severe is CVE-2018-12539?

This vulnerability has a severity rating of HIGH with a CVSS score of 7.8 out of 10.

What type of vulnerability is CVE-2018-12539?

This is classified as CWE-419, which is a common weakness in software security.

CVE-2018-12539

HIGH Year: 2018

CVSS v3 Score

7.8

High

CVSS v2 Score

4.6

Medium

Weakness Type

CWE-419

View all →

Vulnerability Description

In Eclipse OpenJ9 version 0.8, users other than the process owner may be able to use Java Attach API to connect to an Eclipse OpenJ9 or IBM JVM on the same machine and use Attach API operations, which includes the ability to execute untrusted native code. Attach API is enabled by default on Windows, Linux and AIX JVMs and can be disabled using the command line option -Dcom.ibm.tools.attach.enable=no.

CVE-2018-12120

HIGH

CVSS:8.1(High)

Node.js: All versions prior to Node.js 6.15.0: Debugger port 5858 listens on any interface by default: When the debugger is enabled with `node --debug` or `node debug`, it listens to port 5858 on all ...

CWE-4192018

CVE-2025-24030

HIGH

CVSS:7.1(High)

Envoy Gateway is an open source project for managing Envoy Proxy as a standalone or Kubernetes-based application gateway. A user with access to the Kubernetes cluster can use a path traversal attack t...

CWE-4192025

CVE-2024-2414

HIGH

CVSS:8.8(High)

The primary channel is unprotected on Movistar 4G router affecting E version S_WLD71-T1_v2.0.201820. This device has the 'adb' service open on port 5555 and provides access to a shell with root privil...

CWE-4192024

CVE-2019-11248

MEDIUM

CVSS:6.5(Medium)

The debugging endpoint /debug/pprof is exposed over the unauthenticated Kubelet healthz port. The go pprof endpoint is exposed over the Kubelet's healthz port. This debugging endpoint can potentially ...

CWE-4192019

CVE-2023-30859

CRITICAL

CVSS:9.8(Critical)

Triton is a Minecraft plugin for Spigot and BungeeCord that helps you translate your Minecraft server. The CustomPayload packet allows you to execute commands on the spigot/bukkit console. When you en...

CWE-4192023

CVE-2024-50588

CRITICAL

CVSS:9.8(Critical)

An unauthenticated attacker with access to the local network of the medical office can use known default credentials to gain remote DBA access to the Elefant Firebird database. The data in the databas...

CWE-4192024

CVE-2018-12539

Vulnerability Description

Related Vulnerabilities

CVE-2018-12120

CVE-2025-24030

CVE-2024-2414

CVE-2019-11248

CVE-2023-30859

CVE-2024-50588