cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-20954,https://securityvulnerability.io/vulnerability/CVE-2024-20954,Vulnerability in Oracle GraalVM for JDK and Enterprise Edition,"A vulnerability exists within the Oracle GraalVM for JDK and the GraalVM Enterprise Edition, affecting specific versions of these products. Unauthenticated attackers with network access can exploit this vulnerability via multiple protocols, potentially gaining unauthorized read access to a subset of accessible data. The vulnerability complicates security measures, making it crucial for users to review their configurations and implement necessary updates to safeguard against potential data exfiltration.",Oracle,"Graalvm,Graalvm For Jdk",,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2024-21098,https://securityvulnerability.io/vulnerability/CVE-2024-21098,Oracle GraalVM for JDK Vulnerability Could Lead to Partial Denial of Service,"Vulnerability in the Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition product of Oracle Java SE (component: Compiler).  Supported versions that are affected are Oracle GraalVM for JDK: 17.0.10, 21.0.2, 22; Oracle GraalVM Enterprise Edition: 20.3.13 and  21.3.9. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition.  Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition. CVSS 3.1 Base Score 3.7 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L).",Oracle,"Graalvm,Graalvm For Jdk",3.7,LOW,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-04-16T22:15:00.000Z,0
CVE-2020-14803,https://securityvulnerability.io/vulnerability/CVE-2020-14803,Java SE Vulnerability in Oracle Java SE Products,"A vulnerability exists within Oracle's Java SE that can be exploited by an unauthenticated attacker with network access, leading to unauthorized read access of certain Java SE accessible data. This security flaw primarily affects Java deployments in environments where sandboxed Java Web Start applications or applets are run, particularly when they load and execute untrusted code sourced from the internet. Organizations are advised to apply necessary security updates and mitigate risks associated with running untrusted Java applications.",Oracle,"Java Se Jdk And Jre,Graalvm Enterprise Edition",5.3,MEDIUM,0.0031399999279528856,false,,false,false,false,,,false,false,,2020-10-21T14:04:26.000Z,0