Summary
Detail | |||
---|---|---|---|
Vendor | Oracle | First view | 2011-01-19 |
Product | Vm Virtualbox | Last view | 2023-10-17 |
Version | Type | ||
Update | |||
Edition | |||
Language | |||
Sofware Edition | |||
Target Software | |||
Target Hardware | |||
Other |
Activity : Overall
COMMON PLATFORM ENUMERATION: Repartition per Version
Related : CVE
Date | Alert | Description | |
---|---|---|---|
7.9 | 2023-10-17 | CVE-2023-22100 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: Only applicable to 7.0.x platform. CVSS 3.1 Base Score 7.9 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:H). |
8.2 | 2023-10-17 | CVE-2023-22099 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: Only applicable to 7.0.x platform. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). |
8.2 | 2023-10-17 | CVE-2023-22098 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: Only applicable to 7.0.x platform. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). |
8.1 | 2023-07-18 | CVE-2023-22018 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Difficult to exploit vulnerability allows unauthenticated attacker with network access via RDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). |
5.5 | 2023-07-18 | CVE-2023-22017 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: This vulnerability applies to Windows VMs only. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
4.2 | 2023-07-18 | CVE-2023-22016 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.46 and Prior to 7.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 4.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:N/I:N/A:H). |
6 | 2023-04-18 | CVE-2023-22002 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). |
4.6 | 2023-04-18 | CVE-2023-22001 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 4.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N). |
4.6 | 2023-04-18 | CVE-2023-22000 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 4.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N). |
3.6 | 2023-04-18 | CVE-2023-21999 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N). |
4.6 | 2023-04-18 | CVE-2023-21998 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: This vulnerability applies to Windows VMs only. CVSS 3.1 Base Score 4.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N). |
3.2 | 2023-04-18 | CVE-2023-21991 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N). |
8.2 | 2023-04-18 | CVE-2023-21990 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H). |
6 | 2023-04-18 | CVE-2023-21989 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N). |
3.8 | 2023-04-18 | CVE-2023-21988 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N). |
7.8 | 2023-04-18 | CVE-2023-21987 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H). |
5.5 | 2023-01-18 | CVE-2023-21899 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: Applies to VirtualBox VMs running Windows 7 and later. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
5.5 | 2023-01-18 | CVE-2023-21898 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: Applies to VirtualBox VMs running Windows 7 and later. CVSS 3.1 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H). |
3.8 | 2023-01-18 | CVE-2023-21889 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N). |
8.1 | 2023-01-18 | CVE-2023-21886 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). |
3.8 | 2023-01-18 | CVE-2023-21885 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: Applies to Windows only. CVSS 3.1 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N). |
4.4 | 2023-01-18 | CVE-2023-21884 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.42 and prior to 7.0.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H). |
8.8 | 2022-10-18 | CVE-2022-39427 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.40. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows systems only. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H). |
8.1 | 2022-10-18 | CVE-2022-39426 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.40. Difficult to exploit vulnerability allows unauthenticated attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). |
8.1 | 2022-10-18 | CVE-2022-39425 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.40. Difficult to exploit vulnerability allows unauthenticated attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H). |
CWE : Common Weakness Enumeration
% | id | Name |
---|---|---|
20% (9) | CWE-125 | Out-of-bounds Read |
11% (5) | CWE-787 | Out-of-bounds Write |
8% (4) | CWE-399 | Resource Management Errors |
8% (4) | CWE-284 | Access Control (Authorization) Issues |
6% (3) | CWE-367 | Time-of-check Time-of-use (TOCTOU) Race Condition |
6% (3) | CWE-200 | Information Exposure |
6% (3) | CWE-20 | Improper Input Validation |
4% (2) | CWE-203 | Information Exposure Through Discrepancy |
4% (2) | CWE-190 | Integer Overflow or Wraparound |
2% (1) | CWE-681 | Incorrect Conversion between Numeric Types |
2% (1) | CWE-416 | Use After Free |
2% (1) | CWE-362 | Race Condition |
2% (1) | CWE-327 | Use of a Broken or Risky Cryptographic Algorithm |
2% (1) | CWE-310 | Cryptographic Issues |
2% (1) | CWE-295 | Certificate Issues |
2% (1) | CWE-254 | Security Features |
2% (1) | CWE-191 | Integer Underflow (Wrap or Wraparound) |
2% (1) | CWE-79 | Failure to Preserve Web Page Structure ('Cross-site Scripting') |
2% (1) | CWE-74 | Failure to Sanitize Data into a Different Plane ('Injection') |
Oval Markup Language : Definitions
OvalID | Name |
---|---|
oval:org.mitre.oval:def:12576 | Unspecified vulnerability in Oracle VM VirtualBox 4.0 |
oval:org.mitre.oval:def:13148 | Unspecified vulnerability in Oracle VM VirtualBox related to Guest Additions ... |
oval:org.mitre.oval:def:12983 | Unspecified vulnerability in Oracle VM VirtualBox |
oval:org.mitre.oval:def:16235 | Unspecified vulnerability in the Oracle VM VirtualBox 4.1 component |
oval:org.mitre.oval:def:16722 | Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Vir... |
oval:org.mitre.oval:def:15763 | Unspecified vulnerability in the VirtualBox component in Oracle Virtualizatio... |
oval:org.mitre.oval:def:22409 | Unspecified vulnerability in the VirtualBox component in Oracle Virtualizatio... |
oval:org.mitre.oval:def:22391 | Unspecified vulnerability in the VirtualBox component in Oracle Virtualizatio... |
oval:org.mitre.oval:def:21438 | Unspecified vulnerability in the VirtualBox component in Oracle Virtualizatio... |
oval:org.mitre.oval:def:22434 | Unspecified vulnerability in the VirtualBox component in Oracle Virtualizatio... |
oval:org.mitre.oval:def:21883 | Unspecified vulnerability in the VirtualBox component in Oracle Virtualizatio... |
oval:org.mitre.oval:def:24111 | DSA-2878-1 virtualbox - security update |
oval:org.mitre.oval:def:24120 | Vulnerability in the VirtualBox component in Oracle VirtualBox 4.2.x through ... |
oval:org.mitre.oval:def:24026 | Vulnerability in the VirtualBox component in Oracle VirtualBox 4.2.x through ... |
oval:org.mitre.oval:def:24607 | DSA-2904-1 virtualbox - security update |
oval:org.mitre.oval:def:24618 | Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Vir... |
oval:org.mitre.oval:def:24979 | Unspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, ... |
oval:org.mitre.oval:def:25006 | Unspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, ... |
oval:org.mitre.oval:def:24927 | Unspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, ... |
oval:org.mitre.oval:def:24987 | Unspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, ... |
oval:org.mitre.oval:def:25054 | Unspecified vulnerability in the Oracle VM VirtualBox before 4.1.34, 4.2.26, ... |
oval:org.mitre.oval:def:25235 | Unspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, ... |
oval:org.mitre.oval:def:24865 | Unspecified vulnerability in the Oracle VM VirtualBox before 3.2.24, 4.0.26, ... |
oval:org.mitre.oval:def:28638 | ELSA-2015-0090 -- glibc security update (critical) |
oval:org.mitre.oval:def:28622 | ELSA-2015-0092 -- glibc security update (critical) |
SAINT Exploits
Description | Link |
---|---|
Oracle WebLogic Server deserialization remote code execution | More info here |
Open Source Vulnerability Database (OSVDB)
id | Description |
---|---|
78443 | Oracle VM VirtualBox Shared Folders Component Unspecified Local Issue |
78442 | Oracle VM VirtualBox Windows Guest Additions Component Unspecified Local Issue |
73897 | Oracle VM VirtualBox Guest Additions for Windows XPDM Display Driver Local Ov... |
73896 | Oracle VM VirtualBox Host-Guest Communication Manager SHCRGL_GUEST_FN_WRITE_B... |
70549 | Oracle VM VirtualBox Extensions Unspecified Local Issue |
ExploitDB Exploits
id | Description |
---|---|
32208 | Oracle VirtualBox 3D Acceleration - Multiple Vulnerabilities |
OpenVAS Exploits
id | Description |
---|---|
2012-04-30 | Name : Gentoo Security Advisory GLSA 201204-01 (virtualbox) File : nvt/glsa_201204_01.nasl |
2012-01-24 | Name : Oracle VM VirtualBox Multiple Unspecified Vulnerabilities (Windows) File : nvt/secpod_oracle_virtualbox_mult_unspecified_vuln_win.nasl |
2012-01-24 | Name : Oracle VM VirtualBox Unspecified Vulnerability (MAC OS X) File : nvt/secpod_oracle_virtualbox_unspecified_vuln_macosx.nasl |
2011-07-29 | Name : Oracle VM VirtualBox Unspecified Vulnerability (Windows) File : nvt/secpod_oracle_virtualbox_unspecified_vuln_win.nasl |
2011-01-31 | Name : Oracle VM VirtualBox Extensions Local Privilege Escalation Vulnerability (Linux) File : nvt/gb_oracle_virtualbox_loc_prev_escl_vuln_lin.nasl |
2011-01-27 | Name : Oracle VM VirtualBox Extensions Local Privilege Escalation Vulnerability File : nvt/gb_oracle_virtualbox_loc_prev_escl_vuln_win.nasl |
Information Assurance Vulnerability Management (IAVM)
id | Description |
---|---|
2015-A-0160 | Multiple Vulnerabilities in Oracle Linux and Virtualization Severity: Category I - VMSKEY: V0061123 |
2014-A-0107 | Multiple Vulnerabilities in Oracle & Sun Systems Products Suite Severity: Category I - VMSKEY: V0053187 |
2014-A-0058 | Multiple Vulnerabilities in Oracle & Sun Systems Product Suite Severity: Category I - VMSKEY: V0049579 |
2014-A-0012 | Multiple Vulnerabilities in Oracle & Sun Systems Product Suite Severity: Category I - VMSKEY: V0043396 |
2013-A-0195 | Multiple Vulnerabilities in Oracle & Sun Systems Product Suite Severity: Category I - VMSKEY: V0040781 |
Snort® IPS/IDS
Date | Description |
---|---|
2019-08-06 | Oracle WebLogic Server blacklisted class use attempt RuleID : 50660 - Type : POLICY-OTHER - Revision : 3 |
2019-08-06 | Oracle WebLogic Server blacklisted class use attempt RuleID : 50659 - Type : POLICY-OTHER - Revision : 3 |
2019-07-23 | Oracle WebLogic Server remote command execution attempt RuleID : 50474 - Type : SERVER-ORACLE - Revision : 2 |
2019-07-23 | Oracle WebLogic Server remote command execution attempt RuleID : 50473 - Type : SERVER-ORACLE - Revision : 2 |
2019-06-04 | Oracle WebLogic Server remote command execution attempt RuleID : 50025 - Type : SERVER-ORACLE - Revision : 1 |
2019-06-04 | Oracle WebLogic Server remote command execution attempt RuleID : 50024 - Type : SERVER-ORACLE - Revision : 1 |
2019-06-04 | Oracle WebLogic Server remote command execution attempt RuleID : 50023 - Type : SERVER-ORACLE - Revision : 1 |
2019-06-04 | Oracle WebLogic Server remote command execution attempt RuleID : 50022 - Type : SERVER-ORACLE - Revision : 1 |
2019-06-04 | Oracle WebLogic Server remote command execution attempt RuleID : 50021 - Type : SERVER-ORACLE - Revision : 1 |
2019-06-04 | Oracle WebLogic Server remote command execution attempt RuleID : 50020 - Type : SERVER-ORACLE - Revision : 1 |
2019-06-04 | Oracle WebLogic Server remote command execution attempt RuleID : 50019 - Type : SERVER-ORACLE - Revision : 1 |
2019-06-04 | Oracle WebLogic Server remote command execution attempt RuleID : 50018 - Type : SERVER-ORACLE - Revision : 1 |
2019-06-04 | Oracle WebLogic Server remote command execution attempt RuleID : 50017 - Type : SERVER-ORACLE - Revision : 1 |
2019-06-04 | Oracle WebLogic Server remote command execution attempt RuleID : 50016 - Type : SERVER-ORACLE - Revision : 1 |
2019-06-04 | Oracle WebLogic Server remote command execution attempt RuleID : 50015 - Type : SERVER-ORACLE - Revision : 1 |
2019-06-04 | Oracle WebLogic Server remote command execution attempt RuleID : 50014 - Type : SERVER-ORACLE - Revision : 1 |
2019-05-30 | Oracle WebLogic Server remote command execution attempt RuleID : 49946 - Type : SERVER-ORACLE - Revision : 1 |
2019-05-30 | Oracle WebLogic Server remote command execution attempt RuleID : 49945 - Type : SERVER-ORACLE - Revision : 1 |
2019-05-30 | Oracle WebLogic Server remote command execution attempt RuleID : 49944 - Type : SERVER-ORACLE - Revision : 1 |
2019-05-29 | Oracle WebLogic Server remote command execution attempt RuleID : 49943 - Type : SERVER-ORACLE - Revision : 2 |
2019-05-29 | Oracle WebLogic Server remote command execution attempt RuleID : 49942 - Type : SERVER-ORACLE - Revision : 2 |
2018-02-20 | Intel x64 side-channel analysis information leak attempt RuleID : 45444 - Type : OS-OTHER - Revision : 2 |
2018-02-20 | Intel x64 side-channel analysis information leak attempt RuleID : 45443 - Type : OS-OTHER - Revision : 2 |
2018-02-06 | Intel x64 side-channel analysis information leak attempt RuleID : 45368 - Type : OS-OTHER - Revision : 2 |
2018-02-06 | Intel x64 side-channel analysis information leak attempt RuleID : 45367 - Type : OS-OTHER - Revision : 2 |
Nessus® Vulnerability Scanner
id | Description |
---|---|
2019-01-18 | Name: The remote Fedora host is missing a security update. File: fedora_2019-a8ffcff7ee.nasl - Type: ACT_GATHER_INFO |
2019-01-02 | Name: Tenable Nessus running on the remote host is affected by multiple vulnerabili... File: nessus_tns_2018_16.nasl - Type: ACT_GATHER_INFO |
2019-01-02 | Name: Tenable Nessus running on the remote host is affected by multiple vulnerabili... File: nessus_tns_2018_17.nasl - Type: ACT_GATHER_INFO |
2018-12-28 | Name: The remote EulerOS host is missing a security update. File: EulerOS_SA-2018-1434.nasl - Type: ACT_GATHER_INFO |
2018-12-28 | Name: Node.js - JavaScript run-time environment is affected by multiple vulnerabili... File: nodejs_2018_nov.nasl - Type: ACT_GATHER_INFO |
2018-12-20 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4355.nasl - Type: ACT_GATHER_INFO |
2018-12-10 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_2a86f45afc3c11e8a41400155d006b02.nasl - Type: ACT_GATHER_INFO |
2018-12-01 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4348.nasl - Type: ACT_GATHER_INFO |
2018-11-23 | Name: The remote Slackware host is missing a security update. File: Slackware_SSA_2018-325-01.nasl - Type: ACT_GATHER_INFO |
2018-11-23 | Name: The remote Debian host is missing a security update. File: debian_DLA-1586.nasl - Type: ACT_GATHER_INFO |
2018-11-13 | Name: The remote FreeBSD host is missing a security-related update. File: freebsd_pkg_6f170cf2e6b711e8a9a8b499baebfeaf.nasl - Type: ACT_GATHER_INFO |
2018-11-02 | Name: The remote device is missing a vendor-supplied security patch. File: f5_bigip_SOL91229003.nasl - Type: ACT_GATHER_INFO |
2018-10-31 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201810-06.nasl - Type: ACT_GATHER_INFO |
2018-10-30 | Name: The remote FreeBSD host is missing one or more security-related updates. File: freebsd_pkg_238ae7dedba211e8b713b499baebfeaf.nasl - Type: ACT_GATHER_INFO |
2018-09-18 | Name: The remote EulerOS Virtualization host is missing a security update. File: EulerOS_SA-2018-1233.nasl - Type: ACT_GATHER_INFO |
2018-09-18 | Name: The remote EulerOS Virtualization host is missing multiple security updates. File: EulerOS_SA-2018-1236.nasl - Type: ACT_GATHER_INFO |
2018-09-17 | Name: The remote Debian host is missing a security update. File: debian_DLA-1506.nasl - Type: ACT_GATHER_INFO |
2018-09-07 | Name: The remote Debian host is missing a security update. File: debian_DLA-1497.nasl - Type: ACT_GATHER_INFO |
2018-08-17 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2018-1_0-0098.nasl - Type: ACT_GATHER_INFO |
2018-07-24 | Name: The remote PhotonOS host is missing multiple security updates. File: PhotonOS_PHSA-2018-2_0-0011.nasl - Type: ACT_GATHER_INFO |
2018-07-16 | Name: The remote Debian host is missing a security update. File: debian_DLA-1422.nasl - Type: ACT_GATHER_INFO |
2018-07-09 | Name: The remote Fedora host is missing a security update. File: fedora_2018-9f02e5ed7b.nasl - Type: ACT_GATHER_INFO |
2018-05-30 | Name: The remote Debian host is missing a security-related update. File: debian_DSA-4213.nasl - Type: ACT_GATHER_INFO |
2018-05-23 | Name: The remote Gentoo host is missing one or more security-related patches. File: gentoo_GLSA-201805-08.nasl - Type: ACT_GATHER_INFO |
2018-05-03 | Name: The remote Debian host is missing a security update. File: debian_DLA-1369.nasl - Type: ACT_GATHER_INFO |