cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2025-21502,https://securityvulnerability.io/vulnerability/CVE-2025-21502,Critical Vulnerability in Oracle Java SE and GraalVM Products,"A vulnerability exists in Oracle Java SE and GraalVM products that allows unauthenticated attackers with network access to exploit the Hotspot component. This can lead to unauthorized modifications of data, including updates, inserts, deletions, and unauthorized read access. Notably, the flaw can be exploited through APIs, making it particularly concerning for Java deployments that utilize untrusted code via sandboxed applications. Attackers can leverage this weakness to compromise the integrity and confidentiality of sensitive data within affected Oracle products.",Oracle,Oracle Java Se,4.8,MEDIUM,0.01,false,false,false,false,false,false,false,2025-01-21T20:52:56.446Z,0
CVE-2024-21235,https://securityvulnerability.io/vulnerability/CVE-2024-21235,"Oracle Java SE, Oracle GraalVM for JDK, Oracle GraalVM Enterprise Edition Vulnerability","This vulnerability exists within Oracle Java SE, Oracle GraalVM for JDK, and Oracle GraalVM Enterprise Edition, specifically in the Hotspot component. It poses a risk as it allows unauthenticated attackers with network access to exploit it via multiple protocols. The consequences of successful exploitation may include unauthorized updates, insertion, or deletion of accessible data, along with unauthorized read access to a subset of data within these products. The exploitation can occur through APIs, particularly when data is supplied to these APIs, and can also impact Java deployments that utilize sandboxed applications. This represents a significant concern for security, especially for environments that depend on the Java sandbox for isolation and protection of untrusted code.",Oracle,Oracle Java Se,4.8,MEDIUM,0.0004600000102072954,false,false,false,false,,false,false,2024-10-15T19:52:46.900Z,0
CVE-2024-21217,https://securityvulnerability.io/vulnerability/CVE-2024-21217,Serialization Vulnerability in Oracle Java SE and GraalVM Products,"A vulnerability has been identified in Oracle Java SE and GraalVM products that permits unauthenticated attackers to exploit the serialization component. This issue primarily affects users with network access, making it particularly concerning for systems using APIs to handle data. Successful exploitation could allow attackers to cause a partial denial of service (DoS) within the affected products. This vulnerability is relevant to environments where untrusted code is loaded, such as in sandboxed Java Web Start applications or applets, potentially compromising the integrity of the Java security model.",Oracle,Oracle Java Se,3.7,LOW,0.0004600000102072954,false,false,false,false,,false,false,2024-10-15T19:52:43.814Z,0
CVE-2024-21211,https://securityvulnerability.io/vulnerability/CVE-2024-21211,Vulnerability in Oracle Java SE and GraalVM Products Exploitable by Unauthenticated Attackers,"A vulnerability exists in Oracle's Java SE and GraalVM products that allows unauthenticated attackers with network access through various protocols to compromise system integrity. Successful exploitation could enable unauthorized updates, inserts, or deletions of data accessible through these platforms. The vulnerability poses a risk particularly in Java deployments utilizing sandboxed environments for running untrusted code, such as Java Web Start applications or applets. Developers and administrators should review and mitigate potential impacts following Oracle's advisory.",Oracle,"Graalvm,Oracle Java Se",3.7,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-10-15T19:52:41.883Z,0
CVE-2024-21210,https://securityvulnerability.io/vulnerability/CVE-2024-21210,Remote Code Execution Vulnerability in Oracle Java SE,"A vulnerability in Oracle Java SE allows unauthenticated attackers with network access to exploit the system. This vulnerability primarily affects various versions, enabling unauthorized updates, inserts, or deletions of accessible data. It can be exploited via APIs in the Hotspot component, commonly through web services. Additionally, the issue impacts Java deployments that run untrusted code within sandboxed environments such as Java Web Start applications or applets, posing significant risks to security.",Oracle,Oracle Java Se,3.7,LOW,0.0004600000102072954,false,false,false,false,,false,false,2024-10-15T19:52:41.538Z,0
CVE-2024-21208,https://securityvulnerability.io/vulnerability/CVE-2024-21208,Vulnerability in Oracle Java SE and GraalVM Products,"This vulnerability allows unauthenticated attackers with network access to compromise specific versions of Oracle Java SE and GraalVM products through multiple protocols. It primarily affects Java deployments in client environments where untrusted code may be loaded, particularly in sandboxed Java Web Start applications or applets. Successful exploitation may grant attackers unauthorized partial denial of service capabilities, impacting availability. The risk is notably relevant for users operating Java applications that rely on the security features of the Java sandbox, whereas environments running solely trusted code remain unaffected.",Oracle,Oracle Java Se,3.7,LOW,0.0004600000102072954,false,false,false,false,,false,false,2024-10-15T19:52:40.907Z,0