Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle graalvm 19.3.2 vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv2
CVE-2020-14718
Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: JVMCI). Supported versions that are affected are 19.3.2 and 20.1.0. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromi...
Oracle Graalvm 19.3.2
Oracle Graalvm 20.1.0
6.4
CVSSv2
CVE-2019-17560
The "Apache NetBeans" autoupdate system does not validate SSL certificates and hostnames for https based downloads. This allows an malicious user to intercept downloads of autoupdates and modify the download, potentially injecting malicious code. “Apache NetBeans&...
Apache Netbeans
Oracle Graalvm 19.3.2
Oracle Graalvm 20.1.0
5
CVSSv2
CVE-2019-17561
The "Apache NetBeans" autoupdate system does not fully validate code signatures. An attacker could modify the downloaded nbm and include additional code. "Apache NetBeans" versions up to and including 11.2 are affected by this vulnerability.
Apache Netbeans
Oracle Graalvm 19.3.2
Oracle Graalvm 20.1.0
5.8
CVSSv2
CVE-2020-8172
TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0.
Nodejs Node.js
Oracle Graalvm 19.3.2
Oracle Graalvm 20.1.0
Oracle Banking Extensibility Workbench 14.4.0
Oracle Banking Extensibility Workbench 14.3.0
Oracle Mysql Cluster
Oracle Blockchain Platform
5
CVSSv2
CVE-2020-11080
In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. The proof of concept attack involves a malicious client constructing a SETTINGS frame with a length of 14,400 bytes (2400 individual settings entries) over and over again. T...
Nghttp2 Nghttp2
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 33
Oracle Enterprise Communications Broker 3.1.0
Oracle Graalvm 19.3.2
Oracle Graalvm 20.1.0
Oracle Mysql
Oracle Enterprise Communications Broker 3.2.0
Oracle Banking Extensibility Workbench 14.4.0
Oracle Banking Extensibility Workbench 14.3.0
Oracle Blockchain Platform
Nodejs Node.js
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
client side
CVE-2023-31889
template injection
CVE-2024-4304
CVE-2006-4304
CVE-2024-33272
type confusion
CVE-2024-21345
CVE-2024-33271
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started