Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
oracle workload manager 19c vulnerabilities and exploits
(subscribe to this query)
4.4
CVSSv2
CVE-2019-12418
When Apache Tomcat 9.0.0.M1 to 9.0.28, 8.5.0 to 8.5.47, 7.0.0 and 7.0.97 is configured with the JMX Remote Lifecycle Listener, a local attacker without access to the Tomcat process or configuration files is able to manipulate the RMI registry to perform a man-in-the-middle attack...
Apache Tomcat
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Workload Manager 12.2.0.1
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Oncommand System Manager
5
CVSSv2
CVE-2020-11996
A specially crafted sequence of HTTP/2 requests sent to Apache Tomcat 10.0.0-M1 to 10.0.0-M5, 9.0.0.M1 to 9.0.35 and 8.5.0 to 8.5.55 could trigger high CPU usage for several seconds. If a sufficient number of such requests were made on concurrent HTTP/2 connections, the server co...
Apache Tomcat
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Canonical Ubuntu Linux 20.04
Oracle Mysql Enterprise Monitor
Oracle Siebel Ui Framework
Oracle Workload Manager 12.2.0.1
Oracle Workload Manager 18c
Oracle Workload Manager 19c
Opensuse Leap 15.1
Opensuse Leap 15.2
Debian Debian Linux 9.0
1 Github repository
5.8
CVSSv2
CVE-2019-17569
The refactoring present in Apache Tomcat 9.0.28 to 9.0.30, 8.5.48 to 8.5.50 and 7.0.98 to 7.0.99 introduced a regression. The result of the regression was that invalid Transfer-Encoding headers were incorrectly processed leading to a possibility of HTTP Request Smuggling if Tomca...
Apache Tomcat
Apache Tomee 7.0.7
Opensuse Leap 15.1
Netapp Data Availability Services -
Netapp Oncommand System Manager
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Communications Instant Messaging Server 10.0.1.4.0
5
CVSSv2
CVE-2020-13934
An h2c direct connection to Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M5 to 9.0.36 and 8.5.1 to 8.5.56 did not release the HTTP/1.1 processor after the upgrade to HTTP/2. If a sufficient number of such requests were made, an OutOfMemoryException could occur leading to a denial ...
Apache Tomcat
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand System Manager
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 20.04
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
4.4
CVSSv2
CVE-2020-9484
When using Apache Tomcat versions 10.0.0-M1 to 10.0.0-M4, 9.0.0.M1 to 9.0.34, 8.5.0 to 8.5.54 and 7.0.0 to 7.0.103 if a) an attacker is able to control the contents and name of a file on the server; and b) the server is configured to use the PersistenceManager with a FileStore; a...
Apache Tomcat
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Opensuse Leap 15.1
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 20.04
Oracle Agile Engineering Data Management 6.2.1.0
16 Github repositories
5.8
CVSSv2
CVE-2020-1935
In Apache Tomcat 9.0.0.M1 to 9.0.30, 8.5.0 to 8.5.50 and 7.0.0 to 7.0.99 the HTTP header parsing code used an approach to end-of-line parsing that allowed some invalid HTTP headers to be parsed as valid. This led to a possibility of HTTP Request Smuggling if Tomcat was located be...
Apache Tomcat
Apache Tomcat 9.0.0
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Canonical Ubuntu Linux 16.04
Opensuse Leap 15.1
Netapp Data Availability Services -
Netapp Oncommand System Manager
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Agile Product Lifecycle Management 9.3.3
Oracle Agile Product Lifecycle Management 9.3.5
5
CVSSv2
CVE-2020-17527
While investigating bug 64830 it exists that Apache Tomcat 10.0.0-M1 to 10.0.0-M9, 9.0.0-M1 to 9.0.39 and 8.5.0 to 8.5.59 could re-use an HTTP request header value from the previous stream received on an HTTP/2 connection for the request associated with the subsequent stream. Whi...
Apache Tomcat
Apache Tomcat 9.0.0
Apache Tomcat 9.0.35-3.39.1
Apache Tomcat 9.0.35-3.57.3
Apache Tomcat 9.0.36
Apache Tomcat 9.0.37
Apache Tomcat 9.0.38
Apache Tomcat 9.0.39
Apache Tomcat 10.0.0
Netapp Element Plug-in -
Netapp Oncommand System Manager
Debian Debian Linux 9.0
7.5
CVSSv2
CVE-2020-1938
When using the Apache JServ Protocol (AJP), care must be taken when trusting incoming connections to Apache Tomcat. Tomcat treats AJP connections as having higher trust than, for example, a similar HTTP connection. If such connections are available to an attacker, they can be exp...
Apache Geode 1.12.0
Apache Tomcat
Fedoraproject Fedora 30
Fedoraproject Fedora 31
Fedoraproject Fedora 32
Oracle Agile Engineering Data Management 6.2.1.0
Oracle Agile Plm 9.3.3
Oracle Agile Plm 9.3.5
Oracle Agile Plm 9.3.6
Oracle Communications Element Manager 8.1.1
Oracle Communications Element Manager 8.2.0
Oracle Communications Element Manager 8.2.1
45 Github repositories
1 Article
5
CVSSv2
CVE-2020-13935
The payload length in a WebSocket frame was not correctly validated in Apache Tomcat 10.0.0-M1 to 10.0.0-M6, 9.0.0.M1 to 9.0.36, 8.5.0 to 8.5.56 and 7.0.27 to 7.0.104. Invalid payload lengths could trigger an infinite loop. Multiple requests with invalid payload lengths could lea...
Apache Tomcat
Apache Tomcat 9.0.0
Apache Tomcat 10.0.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Netapp Oncommand System Manager
Opensuse Leap 15.1
Opensuse Leap 15.2
Canonical Ubuntu Linux 16.04
Canonical Ubuntu Linux 20.04
Mcafee Epolicy Orchestrator 5.9.0
Mcafee Epolicy Orchestrator 5.9.1
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SQL injection
CVE-2024-52320
SQL
logic flaw
CVE-2024-6387
CVE-2024-11457
CVE-2024-11329
CVE-2024-50404
CVE-2023-48788
Home
/
Search Results
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started