This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Oracle First view 2011-01-19
Product Vm Virtualbox Last view 2021-07-21
Version Type Application
Update  
Edition  
Language  
Sofware Edition  
Target Software  
Target Hardware  
Other  

Activity : Overall

COMMON PLATFORM ENUMERATION: Repartition per Version

CPE Name Affected CVE
cpe:2.3:a:oracle:vm_virtualbox:4.2.0:*:*:*:*:*:*:* 289
cpe:2.3:a:oracle:vm_virtualbox:4.0:*:*:*:*:*:*:* 289
cpe:2.3:a:oracle:vm_virtualbox:4.2.8:*:*:*:*:*:*:* 288
cpe:2.3:a:oracle:vm_virtualbox:4.1.0:*:*:*:*:*:*:* 288
cpe:2.3:a:oracle:vm_virtualbox:4.2.16:*:*:*:*:*:*:* 288
cpe:2.3:a:oracle:vm_virtualbox:4.2.6:*:*:*:*:*:*:* 288
cpe:2.3:a:oracle:vm_virtualbox:4.2.4:*:*:*:*:*:*:* 288
cpe:2.3:a:oracle:vm_virtualbox:4.2.2:*:*:*:*:*:*:* 288
cpe:2.3:a:oracle:vm_virtualbox:4.2.14:*:*:*:*:*:*:* 288
cpe:2.3:a:oracle:vm_virtualbox:4.2.10:*:*:*:*:*:*:* 288
cpe:2.3:a:oracle:vm_virtualbox:4.2.12:*:*:*:*:*:*:* 288
cpe:2.3:a:oracle:vm_virtualbox:4.0.16:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.2.14:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.0.8:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.2:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.10:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.22:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.2.16:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.6:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.2.0:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.0.18:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.0.12:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.20:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.0.14:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.0.10:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.2.8:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.8:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.26:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.14:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.2.18:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.24:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.0.4:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.0:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.1:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.2:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.16:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.18:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.2.10:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.12:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.2.12:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.28:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.0.6:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.0.0:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.0.2:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.2.4:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.2.6:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.2.2:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:3.2.18:*:*:*:*:*:*:* 287
cpe:2.3:a:oracle:vm_virtualbox:4.1.4:*:*:*:*:*:*:* 287

Related : CVE

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
7 2021-07-21 CVE-2021-2454

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).

7.3 2021-07-21 CVE-2021-2443

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: This vulnerability applies to Solaris x86 and Linux systems only. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H).

6 2021-07-21 CVE-2021-2442

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).

8.2 2021-07-21 CVE-2021-2409

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.24. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

6 2021-04-28 CVE-2021-2321

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

4.4 2021-04-22 CVE-2021-2312

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: This vulnerability applies to Windows systems only. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

7.5 2021-04-22 CVE-2021-2310

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).

7.5 2021-04-22 CVE-2021-2309

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).

6 2021-04-22 CVE-2021-2306

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

5.3 2021-04-22 CVE-2021-2297

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).

5.3 2021-04-22 CVE-2021-2296

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).

4.7 2021-04-22 CVE-2021-2291

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 4.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N).

7.1 2021-04-22 CVE-2021-2287

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

7.1 2021-04-22 CVE-2021-2286

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N).

7.1 2021-04-22 CVE-2021-2285

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

7.1 2021-04-22 CVE-2021-2284

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N).

7.1 2021-04-22 CVE-2021-2283

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

7.1 2021-04-22 CVE-2021-2282

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

7.1 2021-04-22 CVE-2021-2281

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:N/I:H/A:N).

7.1 2021-04-22 CVE-2021-2280

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 7.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N).

8.1 2021-04-22 CVE-2021-2279

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows unauthenticated attacker with network access via RDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H).

6 2021-04-22 CVE-2021-2266

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

8.4 2021-04-22 CVE-2021-2264

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 8.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:N).

8.2 2021-04-22 CVE-2021-2250

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

7.5 2021-04-22 CVE-2021-2145

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).

CWE : Common Weakness Enumeration

%idName
21% (9) CWE-125 Out-of-bounds Read
9% (4) CWE-787 Out-of-bounds Write
9% (4) CWE-399 Resource Management Errors
9% (4) CWE-284 Access Control (Authorization) Issues
7% (3) CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition
7% (3) CWE-269 Improper Privilege Management
7% (3) CWE-200 Information Exposure
4% (2) CWE-203 Information Exposure Through Discrepancy
4% (2) CWE-190 Integer Overflow or Wraparound
2% (1) CWE-416 Use After Free
2% (1) CWE-362 Race Condition
2% (1) CWE-327 Use of a Broken or Risky Cryptographic Algorithm
2% (1) CWE-310 Cryptographic Issues
2% (1) CWE-295 Certificate Issues
2% (1) CWE-254 Security Features
2% (1) CWE-191 Integer Underflow (Wrap or Wraparound)
2% (1) CWE-20 Improper Input Validation

Oval Markup Language : Definitions

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
OvalID Name
oval:org.mitre.oval:def:12576 Unspecified vulnerability in Oracle VM VirtualBox 4.0
oval:org.mitre.oval:def:13148 Unspecified vulnerability in Oracle VM VirtualBox related to Guest Additions ...
oval:org.mitre.oval:def:12983 Unspecified vulnerability in Oracle VM VirtualBox
oval:org.mitre.oval:def:16235 Unspecified vulnerability in the Oracle VM VirtualBox 4.1 component
oval:org.mitre.oval:def:16722 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Vir...
oval:org.mitre.oval:def:15763 Unspecified vulnerability in the VirtualBox component in Oracle Virtualizatio...
oval:org.mitre.oval:def:22409 Unspecified vulnerability in the VirtualBox component in Oracle Virtualizatio...
oval:org.mitre.oval:def:22391 Unspecified vulnerability in the VirtualBox component in Oracle Virtualizatio...
oval:org.mitre.oval:def:21438 Unspecified vulnerability in the VirtualBox component in Oracle Virtualizatio...
oval:org.mitre.oval:def:22434 Unspecified vulnerability in the VirtualBox component in Oracle Virtualizatio...
oval:org.mitre.oval:def:21883 Unspecified vulnerability in the VirtualBox component in Oracle Virtualizatio...
oval:org.mitre.oval:def:24111 DSA-2878-1 virtualbox - security update
oval:org.mitre.oval:def:24120 Vulnerability in the VirtualBox component in Oracle VirtualBox 4.2.x through ...
oval:org.mitre.oval:def:24026 Vulnerability in the VirtualBox component in Oracle VirtualBox 4.2.x through ...
oval:org.mitre.oval:def:24607 DSA-2904-1 virtualbox - security update
oval:org.mitre.oval:def:24618 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Vir...
oval:org.mitre.oval:def:24979 Unspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, ...
oval:org.mitre.oval:def:25006 Unspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, ...
oval:org.mitre.oval:def:24927 Unspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, ...
oval:org.mitre.oval:def:24987 Unspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, ...
oval:org.mitre.oval:def:25054 Unspecified vulnerability in the Oracle VM VirtualBox before 4.1.34, 4.2.26, ...
oval:org.mitre.oval:def:25235 Unspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, ...
oval:org.mitre.oval:def:24865 Unspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, ...
oval:org.mitre.oval:def:28638 ELSA-2015-0090 -- glibc security update (critical)
oval:org.mitre.oval:def:28622 ELSA-2015-0092 -- glibc security update (critical)

Open Source Vulnerability Database (OSVDB)

id Description
78443 Oracle VM VirtualBox Shared Folders Component Unspecified Local Issue
78442 Oracle VM VirtualBox Windows Guest Additions Component Unspecified Local Issue
73897 Oracle VM VirtualBox Guest Additions for Windows XPDM Display Driver Local Ov...
73896 Oracle VM VirtualBox Host-Guest Communication Manager SHCRGL_GUEST_FN_WRITE_B...
70549 Oracle VM VirtualBox Extensions Unspecified Local Issue

ExploitDB Exploits

id Description
32208 Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities

OpenVAS Exploits

id Description
2012-04-30 Name : Gentoo Security Advisory GLSA 201204-01 (virtualbox)
File : nvt/glsa_201204_01.nasl
2012-01-24 Name : Oracle VM VirtualBox Multiple Unspecified Vulnerabilities (Windows)
File : nvt/secpod_oracle_virtualbox_mult_unspecified_vuln_win.nasl
2012-01-24 Name : Oracle VM VirtualBox Unspecified Vulnerability (MAC OS X)
File : nvt/secpod_oracle_virtualbox_unspecified_vuln_macosx.nasl
2011-07-29 Name : Oracle VM VirtualBox Unspecified Vulnerability (Windows)
File : nvt/secpod_oracle_virtualbox_unspecified_vuln_win.nasl
2011-01-31 Name : Oracle VM VirtualBox Extensions Local Privilege Escalation Vulnerability (Linux)
File : nvt/gb_oracle_virtualbox_loc_prev_escl_vuln_lin.nasl
2011-01-27 Name : Oracle VM VirtualBox Extensions Local Privilege Escalation Vulnerability
File : nvt/gb_oracle_virtualbox_loc_prev_escl_vuln_win.nasl

Information Assurance Vulnerability Management (IAVM)

id Description
2015-A-0160 Multiple Vulnerabilities in Oracle Linux and Virtualization
Severity: Category I - VMSKEY: V0061123
2014-A-0107 Multiple Vulnerabilities in Oracle & Sun Systems Products Suite
Severity: Category I - VMSKEY: V0053187
2014-A-0058 Multiple Vulnerabilities in Oracle & Sun Systems Product Suite
Severity: Category I - VMSKEY: V0049579
2014-A-0012 Multiple Vulnerabilities in Oracle & Sun Systems Product Suite
Severity: Category I - VMSKEY: V0043396
2013-A-0195 Multiple Vulnerabilities in Oracle & Sun Systems Product Suite
Severity: Category I - VMSKEY: V0040781

Snort® IPS/IDS

Date Description
2018-02-20 Intel x64 side-channel analysis information leak attempt
RuleID : 45444 - Type : OS-OTHER - Revision : 2
2018-02-20 Intel x64 side-channel analysis information leak attempt
RuleID : 45443 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x64 side-channel analysis information leak attempt
RuleID : 45368 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x64 side-channel analysis information leak attempt
RuleID : 45367 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45366 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45365 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45364 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45363 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45362 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45361 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45360 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45359 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45358 - Type : OS-OTHER - Revision : 2
2018-02-06 Intel x86 side-channel analysis information leak attempt
RuleID : 45357 - Type : OS-OTHER - Revision : 2
2016-09-27 WordPress pingback gethostbyname heap buffer overflow attempt
RuleID : 39925 - Type : SERVER-WEBAPP - Revision : 2
2016-04-05 SSLv2 Client Hello attempt
RuleID : 38060 - Type : POLICY-OTHER - Revision : 4
2015-03-04 WordPress pingback gethostbyname heap buffer overflow attempt
RuleID : 33275 - Type : SERVER-WEBAPP - Revision : 2
2015-03-04 Exim gethostbyname heap buffer overflow attempt
RuleID : 33226 - Type : SERVER-MAIL - Revision : 3
2015-03-04 Exim gethostbyname heap buffer overflow attempt
RuleID : 33225 - Type : SERVER-MAIL - Revision : 4

Nessus® Vulnerability Scanner

This CPE Product have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-18 Name: The remote Fedora host is missing a security update.
File: fedora_2019-a8ffcff7ee.nasl - Type: ACT_GATHER_INFO
2019-01-02 Name: Tenable Nessus running on the remote host is affected by multiple vulnerabili...
File: nessus_tns_2018_16.nasl - Type: ACT_GATHER_INFO
2019-01-02 Name: Tenable Nessus running on the remote host is affected by multiple vulnerabili...
File: nessus_tns_2018_17.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: The remote EulerOS host is missing a security update.
File: EulerOS_SA-2018-1434.nasl - Type: ACT_GATHER_INFO
2018-12-28 Name: Node.js - JavaScript run-time environment is affected by multiple vulnerabili...
File: nodejs_2018_nov.nasl - Type: ACT_GATHER_INFO
2018-12-20 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4355.nasl - Type: ACT_GATHER_INFO
2018-12-10 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type: ACT_GATHER_INFO
2018-12-01 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4348.nasl - Type: ACT_GATHER_INFO
2018-11-23 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2018-325-01.nasl - Type: ACT_GATHER_INFO
2018-11-23 Name: The remote Debian host is missing a security update.
File: debian_DLA-1586.nasl - Type: ACT_GATHER_INFO
2018-11-13 Name: The remote FreeBSD host is missing a security-related update.
File: freebsd_pkg_6f170cf2e6b711e8a9a8b499baebfeaf.nasl - Type: ACT_GATHER_INFO
2018-11-02 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL91229003.nasl - Type: ACT_GATHER_INFO
2018-10-31 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201810-06.nasl - Type: ACT_GATHER_INFO
2018-10-30 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_238ae7dedba211e8b713b499baebfeaf.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing a security update.
File: EulerOS_SA-2018-1233.nasl - Type: ACT_GATHER_INFO
2018-09-18 Name: The remote EulerOS Virtualization host is missing multiple security updates.
File: EulerOS_SA-2018-1236.nasl - Type: ACT_GATHER_INFO
2018-09-17 Name: The remote Debian host is missing a security update.
File: debian_DLA-1506.nasl - Type: ACT_GATHER_INFO
2018-09-07 Name: The remote Debian host is missing a security update.
File: debian_DLA-1497.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0098.nasl - Type: ACT_GATHER_INFO
2018-07-24 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-2_0-0011.nasl - Type: ACT_GATHER_INFO
2018-07-16 Name: The remote Debian host is missing a security update.
File: debian_DLA-1422.nasl - Type: ACT_GATHER_INFO
2018-07-09 Name: The remote Fedora host is missing a security update.
File: fedora_2018-9f02e5ed7b.nasl - Type: ACT_GATHER_INFO
2018-05-30 Name: The remote Debian host is missing a security-related update.
File: debian_DSA-4213.nasl - Type: ACT_GATHER_INFO
2018-05-23 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201805-08.nasl - Type: ACT_GATHER_INFO
2018-05-03 Name: The remote Debian host is missing a security update.
File: debian_DLA-1369.nasl - Type: ACT_GATHER_INFO