Vulnerabilities > Oracle > Graalvm > High
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-07-15 | CVE-2020-14718 | Unspecified vulnerability in Oracle Graalvm 19.3.2/20.1.0 Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: JVMCI). | 7.2 |
2020-06-08 | CVE-2020-8172 | Improper Certificate Validation vulnerability in multiple products TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0. | 7.4 |
2020-06-03 | CVE-2020-11080 | In nghttp2 before version 1.41.0, the overly large HTTP/2 SETTINGS frame payload causes denial of service. | 7.5 |
2020-04-15 | CVE-2020-2802 | Unspecified vulnerability in Oracle Graalvm 19.3.1/20.0.0 Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: GraalVM Compiler). | 7.7 |
2020-03-30 | CVE-2019-17561 | Improper Verification of Cryptographic Signature vulnerability in multiple products The "Apache NetBeans" autoupdate system does not fully validate code signatures. | 7.5 |
2020-02-07 | CVE-2019-15604 | Improper Certificate Validation vulnerability in multiple products Improper Certificate Validation in Node.js 10, 12, and 13 causes the process to abort when sending a crafted X.509 certificate | 7.5 |
2020-01-15 | CVE-2020-2604 | Deserialization of Untrusted Data vulnerability in multiple products Vulnerability in the Java SE, Java SE Embedded product of Oracle Java SE (component: Serialization). | 8.1 |
2019-12-13 | CVE-2019-16776 | Path Traversal vulnerability in multiple products Versions of the npm CLI prior to 6.13.3 are vulnerable to an Arbitrary File Write. | 8.1 |
2019-11-26 | CVE-2019-16255 | Code Injection vulnerability in multiple products Ruby through 2.4.7, 2.5.x through 2.5.6, and 2.6.x through 2.6.4 allows code injection if the first argument (aka the "command" argument) to Shell#[] or Shell#test in lib/shell.rb is untrusted data. | 8.1 |
2019-10-16 | CVE-2019-2986 | Unspecified vulnerability in Oracle Graalvm 19.2.0 Vulnerability in the Oracle GraalVM Enterprise Edition product of Oracle GraalVM (component: LLVM Interpreter). | 7.7 |