cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-20955,https://securityvulnerability.io/vulnerability/CVE-2024-20955,Vulnerability in Oracle GraalVM for JDK and Enterprise Edition by Oracle,"A security vulnerability exists in Oracle GraalVM for JDK and GraalVM Enterprise Edition, allowing unauthenticated attackers with network access via multiple protocols to potentially gain unauthorized read access to certain data subsets. The affected versions span across both JDK and Enterprise Edition products, making it vital for users to evaluate the impact on sensitive data. This vulnerability is particularly concerning as it exposes confidential information without requiring authentication.",Oracle,GraalVM Enterprise Edition,3.7,LOW,0.0006099999882280827,false,,false,false,false,,,false,false,,2024-01-16T21:41:20.952Z,0
CVE-2023-22091,https://securityvulnerability.io/vulnerability/CVE-2023-22091,Vulnerability in Oracle GraalVM for JDK and Enterprise Edition by Oracle,"A vulnerability exists within Oracle GraalVM for JDK and Oracle GraalVM Enterprise Edition, which can be exploited by unauthenticated attackers with network access. This exploit can lead to unauthorized operations such as updates, inserts, or deletions of data, as well as unauthorized reading of certain accessible data. The issue affects specific versions of both GraalVM for JDK and its Enterprise Edition, highlighting the importance of securing your runtime environments against potential unauthorized access.",Oracle,Graalvm Enterprise Edition,4.8,MEDIUM,0.0006099999882280827,false,,false,false,false,,,false,false,,2023-10-17T22:15:00.000Z,0
CVE-2023-22051,https://securityvulnerability.io/vulnerability/CVE-2023-22051,Unauthenticated Network Access Vulnerability in Oracle GraalVM Products,"A vulnerability exists in the Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK products, which allows unauthenticated attackers with network access to exploit certain protocols. Successful exploitation may provide unauthorized read access to some confidential data within these systems. Affected versions include specific releases of Oracle GraalVM Enterprise Edition and Oracle GraalVM for JDK, emphasizing the need for swift updates to mitigate risks associated with this vulnerability.",Oracle,Graalvm Enterprise Edition,3.7,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-07-18T21:15:00.000Z,0
CVE-2023-21986,https://securityvulnerability.io/vulnerability/CVE-2023-21986,Vulnerability in Oracle GraalVM Enterprise Edition Affects Data Integrity and Availability,"An exploitable vulnerability exists in the Oracle GraalVM Enterprise Edition's Native Image component, allowing an unauthenticated attacker with logon access to the environment where GraalVM operates to manipulate data. The attacks can result in unauthorized updates, inserts, or deletions of accessible data and can lead to a partial denial of service. Given that this vulnerability affects the GraalVM Enterprise Edition, it may also impact other products, extending its scope of influence.",Oracle,Graalvm Enterprise Edition,5.7,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-04-18T20:15:00.000Z,0
CVE-2022-21597,https://securityvulnerability.io/vulnerability/CVE-2022-21597,JavaScript Vulnerability in Oracle GraalVM Enterprise Edition,"A vulnerability exists in the JavaScript component of Oracle GraalVM Enterprise Edition that allows an unauthenticated attacker with network access to compromise the software. This issue can lead to unauthorized read access to sensitive data within the affected versions of Oracle GraalVM Enterprise Edition, specifically 20.3.7, 21.3.3, and 22.2.0. It highlights the potential risks associated with unsecured network access and emphasizes the need for timely mitigation measures.",Oracle,Graalvm Enterprise Edition,5.3,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2022-21634,https://securityvulnerability.io/vulnerability/CVE-2022-21634,DoS Vulnerability in Oracle GraalVM Enterprise Edition,"The vulnerability in Oracle GraalVM Enterprise Edition's LLVM Interpreter component allows attackers with network access to easily compromise the system. This exploitation could lead to repeated crashes or a persistent hang of the service, effectively rendering it unavailable to legitimate users. The affected versions include 20.3.7, 21.3.3, and 22.2.0. Organizations should promptly apply the recommended updates to mitigate this risk.",Oracle,Graalvm Enterprise Edition,7.5,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2022-10-18T00:00:00.000Z,0
CVE-2020-14803,https://securityvulnerability.io/vulnerability/CVE-2020-14803,Java SE Vulnerability in Oracle Java SE Products,"A vulnerability exists within Oracle's Java SE that can be exploited by an unauthenticated attacker with network access, leading to unauthorized read access of certain Java SE accessible data. This security flaw primarily affects Java deployments in environments where sandboxed Java Web Start applications or applets are run, particularly when they load and execute untrusted code sourced from the internet. Organizations are advised to apply necessary security updates and mitigate risks associated with running untrusted Java applications.",Oracle,"Java Se Jdk And Jre,Graalvm Enterprise Edition",5.3,MEDIUM,0.0031399999279528856,false,,false,false,false,,,false,false,,2020-10-21T14:04:26.000Z,0
CVE-2020-14718,https://securityvulnerability.io/vulnerability/CVE-2020-14718,Oracle GraalVM Enterprise Edition Vulnerability Exposes Systems to Remote Attacks,"A security vulnerability exists in the Oracle GraalVM Enterprise Edition, specifically within the JVMCI component. This flaw allows an attacker with elevated privileges to exploit the system through various network protocols. If successfully executed, the attack could lead to a complete takeover of the GraalVM instance, compromising its functionality and data integrity. Users of GraalVM, particularly those on versions 19.3.2 and 20.1.0, are strongly advised to apply available security updates to mitigate this risk.",Oracle,Graalvm Enterprise Edition,7.2,HIGH,0.00279000005684793,false,,false,false,false,,,false,false,,2020-07-15T17:34:35.000Z,0
CVE-2020-2900,https://securityvulnerability.io/vulnerability/CVE-2020-2900,Vulnerability in Oracle GraalVM Enterprise Edition Tools,"A vulnerability exists in Oracle GraalVM Enterprise Edition related to the Tools component, affecting versions 19.3.1 and 20.0.0. This vulnerability permits a low-privileged attacker with network access to potentially compromise the software by exploiting human interaction from a third party. Successful exploitation might result in unauthorized modifications—including updates, inserts, and deletions of accessible data—along with unauthorized read access to certain sensitive data within the Oracle GraalVM Enterprise Edition ecosystem.",Oracle,Graalvm Enterprise Edition,3.7,LOW,0.000539999979082495,false,,false,false,false,,,false,false,,2020-04-15T13:29:51.000Z,0
CVE-2020-2802,https://securityvulnerability.io/vulnerability/CVE-2020-2802,Vulnerability in Oracle GraalVM Enterprise Edition Compiler Component,"The vulnerability found in the Oracle GraalVM Enterprise Edition, specifically in the GraalVM Compiler component, poses a risk of denial of service. This flaw allows attackers with low privileges and network access to exploit the component via multiple protocols, leading to potential disruptions. If successfully exploited, it can result in unauthorized system crashes or hangs that affect the stability of Oracle GraalVM Enterprise Edition and possibly other interconnected products, thereby compromising their availability.",Oracle,Graalvm Enterprise Edition,7.7,HIGH,0.000590000010561198,false,,false,false,false,,,false,false,,2020-04-15T13:29:46.000Z,0
CVE-2020-2799,https://securityvulnerability.io/vulnerability/CVE-2020-2799,Vulnerability in Oracle GraalVM Compiler Affecting Oracle GraalVM Enterprise Edition,"A vulnerability exists in the GraalVM Compiler of Oracle GraalVM Enterprise Edition, affecting versions 19.3.1 and 20.0.0. This vulnerability allows a low-privileged attacker with network access to exploit the system through multiple protocols. While the primary target is the Oracle GraalVM Enterprise Edition, the ramifications of successful attacks can significantly affect other connected systems. This vulnerability may enable unauthorized creation, deletion, or modification of critical data, leading to severe integrity impacts on all accessible data within the affected product.",Oracle,Graalvm Enterprise Edition,6.3,MEDIUM,0.000539999979082495,false,,false,false,false,,,false,false,,2020-04-15T13:29:46.000Z,0
CVE-2020-2595,https://securityvulnerability.io/vulnerability/CVE-2020-2595,Unauthorized Access Vulnerability in Oracle GraalVM Enterprise Edition,"An exploitable vulnerability exists in the GraalVM Compiler component of Oracle's GraalVM Enterprise Edition that allows unauthenticated attackers with network access through multiple protocols to gain unauthorized read access to sensitive data. While the primary impact is within the Oracle GraalVM Enterprise Edition, it can potentially affect other products relying on it. This situation creates significant risks for organizations utilizing Oracle GraalVM Enterprise Edition in their operations.",Oracle,Graalvm Enterprise Edition,5.8,MEDIUM,0.0008900000248104334,false,,false,false,false,,,false,false,,2020-01-15T16:34:02.000Z,0
CVE-2020-2581,https://securityvulnerability.io/vulnerability/CVE-2020-2581,Partial Denial of Service Vulnerability in Oracle GraalVM Enterprise Edition,"An easily exploitable vulnerability has been identified in the LLVM Interpreter component of Oracle's GraalVM Enterprise Edition. This affects any infrastructure running version 19.3.0.2, allowing unauthenticated attackers who can log in to potentially disrupt service. Successful exploitation may lead to a partial denial of service, thereby affecting the availability of the affected product. Organizations using this version are strongly advised to assess their security posture and apply necessary mitigations.",Oracle,Graalvm Enterprise Edition,4,MEDIUM,0.0006600000197067857,false,,false,false,false,,,false,false,,2020-01-15T16:34:01.000Z,0
CVE-2019-2986,https://securityvulnerability.io/vulnerability/CVE-2019-2986,Denial of Service Vulnerability in Oracle GraalVM Enterprise Edition,"A vulnerability exists in the Oracle GraalVM Enterprise Edition, specifically in the LLVM Interpreter component, that allows a low privileged attacker with network access to exploit the system. This flaw can lead to significant disruptions, including the potential for repeated crashes or hangs of the affected product. The vulnerability impacts not only Oracle GraalVM Enterprise Edition but could also affect other products due to its system-level nature. Attackers using various network protocols can leverage this vulnerability, making it imperative for users to apply appropriate patches to mitigate risks and maintain service availability.",Oracle,Graalvm Enterprise Edition,7.7,HIGH,0.000590000010561198,false,,false,false,false,,,false,false,,2019-10-16T17:40:57.000Z,0
CVE-2019-2862,https://securityvulnerability.io/vulnerability/CVE-2019-2862,Unauthenticated Network Vulnerability in Oracle GraalVM Enterprise Edition,"A vulnerability exists in Oracle GraalVM Enterprise Edition that allows an unauthenticated attacker with network access through various protocols to exploit the system. This flaw could lead to unauthorized actions, including the creation, deletion, or modification of critical data within Oracle GraalVM. Notably, successful exploitation requires user interaction, thereby introducing an additional layer of complexity. The consequences of this vulnerability can extend to causing significant disruptions such as frequent system crashes or Denial of Service, impacting the availability of the affected system.",Oracle,Graalvm Enterprise Edition,6.8,MEDIUM,0.0008299999753944576,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0
CVE-2019-2813,https://securityvulnerability.io/vulnerability/CVE-2019-2813,Denial of Service Vulnerability in Oracle GraalVM Enterprise Edition,"A vulnerability has been identified in the Oracle GraalVM Enterprise Edition component, specifically in version 19.0.0. This easily exploitable weakness allows an attacker with low privileges and network access to initiate attacks through multiple protocols. Successful exploitation of this vulnerability can lead to unauthorized actions that may cause the Oracle GraalVM Enterprise Edition to hang or crash frequently, resulting in a complete denial of service (DoS) condition. While primarily affecting GraalVM, the implications of this vulnerability may extend to other products linked to it.",Oracle,Graalvm Enterprise Edition,7.7,HIGH,0.000590000010561198,false,,false,false,false,,,false,false,,2019-07-23T23:15:00.000Z,0