Oracle Vm Virtualbox vulnerabilities
417 known vulnerabilities affecting oracle/vm_virtualbox.
Total CVEs
417
CISA KEV
1
actively exploited
Public exploits
21
Exploited in wild
1
Severity breakdown
CRITICAL5HIGH195MEDIUM165LOW52
Vulnerabilities
Page 21 of 21
CVE-2014-2477LOWCVSS 3.6PoC≤ 4.0.24v4.0+61 more2014-07-17
CVE-2014-2477 [LOW] CVE-2014-2477: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-2486.
nvd
CVE-2014-2441MEDIUMCVSS 4.4≤ 4.1.30v4.1.0+14 more2014-04-16
CVE-2014-2441 [MEDIUM] CVE-2014-2441: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.32, 4.2.24, and 4.3.10 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests.
nvd
CVE-2014-0981MEDIUMCVSS 4.4PoCv4.2.0v4.2.2+13 more2014-03-31
CVE-2014-0981 [MEDIUM] CWE-399 CVE-2014-0981: VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x befo
VBox/GuestHost/OpenGL/util/net.c in Oracle VirtualBox before 3.2.22, 4.0.x before 4.0.24, 4.1.x before 4.1.32, 4.2.x before 4.2.24, and 4.3.x before 4.3.8, when using 3D Acceleration allows local guest OS users to execute arbitrary code on the Chromium server via crafted Chromium network pointer in a (1) CR_MESSAGE_READBACK or (2) CR_MESSAGE_WRITEBACK
nvd
CVE-2014-0983MEDIUMCVSS 6.9PoCv4.2.0v4.2.2+13 more2014-03-31
CVE-2014-0983 [MEDIUM] CWE-399 CVE-2014-0983: Multiple array index errors in programs that are automatically generated by VBox/HostServices/Shared
Multiple array index errors in programs that are automatically generated by VBox/HostServices/SharedOpenGL/crserverlib/server_dispatch.py in Oracle VirtualBox 4.2.x through 4.2.20 and 4.3.x before 4.3.8, when using 3D Acceleration, allow local guest OS users to execute arbitrary code on the Chromium server via certain CR_MESSAGE_OPCODES messages with
nvd
CVE-2014-0407LOWCVSS 3.5≤ 4.1.28v4.1.0+47 more2014-01-15
CVE-2014-0407 [LOW] CVE-2014-0407: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0405.
nvd
CVE-2013-5892LOWCVSS 3.5≤ 3.2.18v3.2.0+49 more2014-01-15
CVE-2013-5892 [LOW] CVE-2013-5892: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.22, and 4.3.6 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.
nvd
CVE-2014-0405LOWCVSS 3.5≤ 4.2.18v4.2.0+47 more2014-01-15
CVE-2014-0405 [LOW] CVE-2014-0405: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0407.
nvd
CVE-2014-0404LOWCVSS 2.4≤ 3.2.18v3.2.0+47 more2014-01-15
CVE-2014-0404 [LOW] CVE-2014-0404: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0406.
nvd
CVE-2014-0406LOWCVSS 2.4≤ 4.1.28v4.1.0+47 more2014-01-15
CVE-2014-0406 [LOW] CVE-2014-0406: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.20, 4.0.22, 4.1.30, 4.2.20, and 4.3.4 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-0404.
nvd
CVE-2013-3792LOWCVSS 3.8PoC≤ 4.2.16v4.2.0+57 more2013-10-16
CVE-2013-3792 [LOW] CVE-2013-3792: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.18, 4.0.20, 4.1.28, and 4.2.18 allows local users to affect availability via unknown vectors related to Core.
nvd
CVE-2013-3779HIGHCVSS 7.5v4.6v4.7+3 more2013-07-17
CVE-2013-3779 [HIGH] CVE-2013-3779: Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 re
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 releases including 4.63 and 4.7 prior to 4.71 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web UI.
nvd
CVE-2013-0420LOWCVSS 2.4v4.0v4.1.0+1 more2013-01-17
CVE-2013-0420 [LOW] CVE-2013-0420: Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 all
Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core. NOTE: The previous information was obtained from the January 2013 Oracle CPU. Oracle has not commented on claims from another vendor that this issue is related to an incorrec
nvd
CVE-2012-0111LOWCVSS 3.6v4.12012-01-18
CVE-2012-0111 [LOW] CVE-2012-0111: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality and integrity via unknown vectors related to Shared Folders.
nvd
CVE-2012-0105LOWCVSS 3.7v4.12012-01-18
CVE-2012-0105 [LOW] CVE-2012-0105: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Windows Guest Additions.
nvd
CVE-2011-2305MEDIUMCVSS 6.2v3.0v3.1+2 more2011-07-21
CVE-2011-2305 [MEDIUM] CVE-2011-2305: Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality,
Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors.
nvd
CVE-2011-2300LOWCVSS 3.7v4.02011-07-21
CVE-2011-2300 [LOW] CVE-2011-2300: Unspecified vulnerability in Oracle VM VirtualBox 3.0, 3.1, 3.2, and 4.0 through 4.0.8 allows local
Unspecified vulnerability in Oracle VM VirtualBox 3.0, 3.1, 3.2, and 4.0 through 4.0.8 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Guest Additions for Windows.
nvd
CVE-2010-4414MEDIUMCVSS 6.8v4.02011-01-19
CVE-2010-4414 [MEDIUM] CVE-2010-4414: Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality,
Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Extensions.
nvd
← Previous21 / 21