cbcvebase.

Sun Virtualbox vulnerabilities

153 known vulnerabilities affecting sun/virtualbox.

Total CVEs
153
CISA KEV
0
Public exploits
15
Exploited in wild
0
Severity breakdown
HIGH70MEDIUM54LOW29

Vulnerabilities

Page 7 of 8
CVE-2017-3332HIGHCVSS 8.4≥ 0, < 5.1.38-dfsg-0ubuntu1.16.04.12017-01-27
CVE-2017-3332 [HIGH] CVE-2017-3332: Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: VirtualBox SVGA Emulation) Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: VirtualBox SVGA Emulation). Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to
osv
CVE-2017-3316HIGHCVSS 8.4PoC≥ 0, < 5.1.38-dfsg-0ubuntu1.16.04.12017-01-27
CVE-2017-3316 [HIGH] CVE-2017-3316: Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI) Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: GUI). Supported versions that are affected are VirtualBox prior to 5.0.32 and prior to 5.1.14. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise Oracle VM VirtualBox. Successful attacks require human int
osv
CVE-2016-0678MEDIUMCVSS 6.7≥ 0, < 5.0.18-dfsg-12016-04-21
CVE-2016-0678 [MEDIUM] CVE-2016-0678: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.18 allows local users to affect confidentiality, integrity, and availability via vectors related to Core.
osv
CVE-2016-0495MEDIUMCVSS 4.3≥ 0, < 4.3.36-dfsg-1+deb8u1ubuntu1.14.04.12016-01-21
CVE-2016-0495 [MEDIUM] CVE-2016-0495: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and 5.0.14 allows remote attackers to affect availability via unknown vectors related to Core.
osv
CVE-2016-0592LOWCVSS 2.1≥ 0, < 4.3.36-dfsg-1+deb8u1ubuntu1.14.04.12016-01-21
CVE-2016-0592 [LOW] CVE-2016-0592: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and before 5.0.14 allows local users to affect availability via unknown vectors related to Core.
osv
CVE-2015-4896MEDIUMCVSS 5.0≥ 0, < 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.12015-10-21
CVE-2015-4896 [MEDIUM] CVE-2015-4896: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when a VM has the Remote Display feature (RDP) enabled, allows remote attackers to affect availability via unknown vectors related to Core.
osv
CVE-2015-4856MEDIUMCVSS 4.9≥ 0, < 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.12015-10-21
CVE-2015-4856 [MEDIUM] CVE-2015-4856: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.30, 4.1.38, 4.2.30, 4.3.26, and 5.0.0 allows local users to affect availability via unknown vectors related to Core.
osv
CVE-2015-4813LOWCVSS 2.1≥ 0, < 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.12015-10-21
CVE-2015-4813 [LOW] CVE-2015-4813: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when using a Windows guest, allows local users to affect availability via unknown vectors related to Core.
osv
CVE-2015-2594MEDIUMCVSS 6.6≥ 0, < 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.12015-07-16
CVE-2015-2594 [MEDIUM] CVE-2015-2594: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.32, 4.1.40, 4.2.32, and 4.3.30 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.
osv
CVE-2014-6589LOWCVSS 3.2≥ 0, < 4.3.10-dfsg-1ubuntu22015-01-21
CVE-2014-6589 [LOW] CVE-2014-6589: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6590, CVE-2014-6595, and CVE-2015-0427.
osv
CVE-2014-6595LOWCVSS 3.2≥ 0, < 4.3.10-dfsg-1ubuntu22015-01-21
CVE-2014-6595 [LOW] CVE-2014-6595: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6590, and CVE-2015-0427.
osv
CVE-2015-0427LOWCVSS 3.2≥ 0, < 4.3.10-dfsg-1ubuntu22015-01-21
CVE-2015-0427 [LOW] CVE-2015-0427: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6590, and CVE-2014-6595.
osv
CVE-2014-6590LOWCVSS 3.2≥ 0, < 4.3.10-dfsg-1ubuntu22015-01-21
CVE-2014-6590 [LOW] CVE-2014-6590: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6595, and CVE-2015-0427.
osv
CVE-2014-6588LOWCVSS 3.2≥ 0, < 4.3.10-dfsg-1ubuntu22015-01-21
CVE-2014-6588 [LOW] CVE-2014-6588: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6589, CVE-2014-6590, CVE-2014-6595, and CVE-2015-0427.
osv
CVE-2014-2489MEDIUMCVSS 4.1≥ 0, < 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.12014-07-17
CVE-2014-2489 [MEDIUM] CVE-2014-2489: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.
osv
CVE-2014-4261MEDIUMCVSS 6.9≥ 0, < 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.12014-07-17
CVE-2014-4261 [MEDIUM] CVE-2014-4261: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.14 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-2487.
osv
CVE-2014-2487MEDIUMCVSS 6.9≥ 0, < 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.12014-07-17
CVE-2014-2487 [MEDIUM] CVE-2014-2487: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.14, when running on Windows, allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-4261.
osv
CVE-2014-4228MEDIUMCVSS 4.4≥ 0, < 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.12014-07-17
CVE-2014-4228 [MEDIUM] CVE-2014-4228: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, 4.2.26, and 4.3.12 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests.
osv
CVE-2014-2486LOWCVSS 3.6≥ 0, < 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.12014-07-17
CVE-2014-2486 [LOW] CVE-2014-2486: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-2477.
osv
CVE-2014-2477LOWCVSS 3.6PoC≥ 0, < 4.3.34-dfsg-1+deb8u1ubuntu1.14.04.12014-07-17
CVE-2014-2477 [LOW] CVE-2014-2477: Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 3.2.24, 4.0.26, 4.1.34, 4.2.26, and 4.3.12 allows local users to affect integrity and availability via unknown vectors related to Core, a different vulnerability than CVE-2014-2486.
osv
← Previous7 / 8Next →