Package virtualbox updated to version 5.2.42-alt1 for branch p8 in task 252033.

Published: 2019-04-16

BDU:2019-01512

Уязвимость компонента Core средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Severity: HIGH (8.8) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2019-2696

Published: 2019-04-16

BDU:2019-01518

Severity: HIGH (7.8) Vector: AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2019-2690

Published: 2019-04-16

BDU:2019-01528

Severity: HIGH (8.8) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2019-2680

Published: 2019-04-16

BDU:2019-01529

Уязвимость компонента Core средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании и получить несанкционированный доступ к защищаемой информации

Severity: HIGH (7.3) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H

References:

CVE-2019-2679

Published: 2019-04-16

BDU:2019-01530

Уязвимость компонента Core средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2019-2678

Published: 2019-04-16

BDU:2019-01708

Уязвимость компонента Core виртуальной машины VM VirtualBox, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2019-2574

Published: 2019-04-26

BDU:2019-01748

Уязвимость компонентов WLS9_ASYNC и WLS-WSAT сервера приложений Oracle WebLogic Server, позволяющая нарушителю выполнить произвольный код и перехватить контроль над целевой системой

Severity: CRITICAL (9.8) Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2019-04-23

BDU:2019-01901

Уязвимость ядра виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить доступ к защищаемой информации

Severity: HIGH (8.8) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2019-2656

Published: 2019-04-23

BDU:2019-02687

Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю оказать влияние на конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

CVE-2019-2657

Published: 2019-07-17

BDU:2019-02791

Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Severity: HIGH (8.8) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2019-2859

Published: 2019-07-17

BDU:2019-02792

Severity: HIGH (8.2) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2019-2867

Published: 2019-07-17

BDU:2019-02793

Severity: HIGH (8.2) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2019-2866

Published: 2019-07-17

BDU:2019-02794

Severity: HIGH (7.5) Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2019-2865

Published: 2019-07-17

BDU:2019-02795

Severity: HIGH (7.5) Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2019-2864

Published: 2019-07-17

BDU:2019-02802

Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2019-2863

Published: 2019-07-17

BDU:2019-02805

Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю вызвать зависание или частичный отказ в обслуживании

Severity: MEDIUM (5.5) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

CVE-2019-2877

Published: 2019-07-17

BDU:2019-02811

Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю вызвать частичный отказ в обслуживании

Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References:

CVE-2019-2876

Published: 2019-07-17

BDU:2019-02812

Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References:

CVE-2019-2875

Published: 2019-07-17

BDU:2019-02813

Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References:

CVE-2019-2874

Published: 2019-07-17

BDU:2019-02814

Severity: LOW (3.3) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References:

CVE-2019-2873

Published: 2019-10-15

BDU:2019-03787

Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю вызвать отказ в обслуживании

Severity: MEDIUM (6.0) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

References:

CVE-2019-3005

Published: 2019-10-15

BDU:2019-03797

Severity: HIGH (8.2) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2019-3017

Published: 2019-10-15

BDU:2019-03805

Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю вызвать зависание или отказ в обслуживании

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References:

CVE-2019-3021

Published: 2019-10-15

BDU:2019-03807

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2019-3026

Published: 2019-10-15

BDU:2019-03826

Severity: MEDIUM (6.0) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2019-3031

Published: 2019-10-15

BDU:2019-03828

Severity: HIGH (8.8) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2019-3028

Published: 2019-10-18

BDU:2019-03870

Severity: MEDIUM (6.0) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

References:

CVE-2019-3002

Published: 2019-10-15

BDU:2019-03887

Severity: MEDIUM (6.0) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

References:

CVE-2019-2984

Published: 2019-10-15

BDU:2019-03948

Severity: LOW (2.3) Vector: AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

References:

CVE-2019-2926

Published: 2020-01-14

BDU:2020-00203

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References:

CVE-2020-2725

Published: 2020-01-14

BDU:2020-00204

Severity: HIGH (7.5) Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2726

Published: 2020-01-14

BDU:2020-00205

Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю раскрыть защищаемую информацию

Severity: MEDIUM (6.0) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2020-2727

Published: 2020-01-14

BDU:2020-00269

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2020-2691

Published: 2020-01-14

BDU:2020-00270

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2020-2692

Published: 2020-01-14

BDU:2020-00271

Severity: MEDIUM (5.3) Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2020-2693

Published: 2020-01-14

BDU:2020-00276

Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Severity: HIGH (7.5) Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2698

Published: 2020-01-14

BDU:2020-00279

Severity: HIGH (7.5) Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2701

Published: 2020-01-14

BDU:2020-00280

Severity: HIGH (7.5) Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2702

Published: 2020-01-14

BDU:2020-00281

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References:

CVE-2020-2703

Published: 2020-01-14

BDU:2020-00282

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2020-2704

Published: 2020-01-14

BDU:2020-00283

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2020-2705

Published: 2020-01-15

BDU:2020-00346

Уязвимость компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю раскрыть защищаемую информацию

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2020-2689

Published: 2020-01-15

BDU:2020-00348

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2020-2690

Published: 2020-01-15

BDU:2020-00370

Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю оказать воздействие на конфиденциальность, целостность и доступность защищаемой информации

Severity: HIGH (8.2) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2682

Published: 2020-01-15

BDU:2020-00372

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2020-2681

Published: 2020-01-15

BDU:2020-00375

Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю получить доступ на чтение данных или оказать воздействие на целостность защищаемой информации

Severity: MEDIUM (6.4) Vector: AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N

References:

CVE-2020-2678

Published: 2020-01-14

BDU:2020-00656

Severity: HIGH (8.2) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2674

Published: 2020-04-15

BDU:2020-02074

Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю получить контроль над приложением

Severity: HIGH (7.8) Vector: AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

CVE-2020-2929

Published: 2020-04-15

BDU:2020-02077

Severity: HIGH (7.5) Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2911

Published: 2020-04-15

BDU:2020-02079

Severity: LOW (2.8) Vector: AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L

References:

CVE-2020-2909

Published: 2020-04-15

BDU:2020-02080

Severity: HIGH (8.2) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2908

Published: 2020-04-15

BDU:2020-02081

Severity: HIGH (7.5) Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2907

Published: 2020-04-14

BDU:2020-02368

Severity: MEDIUM (6.5) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References:

CVE-2020-2951

Published: 2020-04-14

BDU:2020-02369

Severity: HIGH (7.5) Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2958

Published: 2020-04-14

BDU:2020-02370

Severity: HIGH (8.6) Vector: AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H

References:

CVE-2020-2959

Published: 2020-01-10

BDU:2020-02682

Уязвимость функции shader_glsl_get_register_name компонента Core виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Severity: MEDIUM (6.0) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2020-2741

Published: 2020-01-10

BDU:2020-02683

Уязвимость компонента xHCI виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Severity: HIGH (8.2) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2742

Published: 2020-01-10

BDU:2020-02684

Уязвимость компонента xHCI виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Severity: MEDIUM (6.0) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2020-2743

Published: 2020-03-03

BDU:2020-02685

Уязвимость функции vmsvgaR3FifoUpdateCursor виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить несанкционированный доступ к защищаемой информации

Severity: LOW (3.2) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N

References:

CVE-2020-2748

Published: 2020-03-03

BDU:2020-02686

Уязвимость компонента графического контроллера VBoxVGA виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Severity: HIGH (8.2) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2758

Published: 2020-04-30

BDU:2020-02687

Уязвимость компонента Core виртуализированного сетевого интерфейса e1000 виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю получить полный контроль над приложением

Severity: MEDIUM (6.0) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

References:

CVE-2020-2894

Published: 2019-12-26

BDU:2020-02688

Уязвимость объектов D3D9 виртуальной машины Oracle VM VirtualBox, позволяющая нарушителю выполнить произвольный код

Severity: HIGH (8.8) Vector: AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2902

Published: 2019-12-26

BDU:2020-02689

Severity: HIGH (8.2) Vector: AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2905

Published: 2020-04-29

BDU:2021-00102

Уязвимость компонента Core программного средства виртуализации Oracle VM VirtualBox, позволяющая нарушителю получить привилегированный доступ к инфраструктуре

Severity: HIGH (7.5) Vector: AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

CVE-2020-2575

Published: 2019-04-23
Modified: 2024-11-21

CVE-2019-2574

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

Published: 2019-04-23
Modified: 2024-11-21

CVE-2019-2656

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (8.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-04-23
Modified: 2024-11-21

CVE-2019-2657

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2019-04-23
Modified: 2024-11-21

CVE-2019-2678

Severity: MEDIUM (6.5) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

Published: 2019-04-23
Modified: 2024-11-21

CVE-2019-2679

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 7.3 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H).

Severity: HIGH (7.3) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H

References:

Published: 2019-04-23
Modified: 2024-11-21

CVE-2019-2680

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (8.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-04-23
Modified: 2024-11-21

CVE-2019-2690

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (7.8) Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-04-23
Modified: 2024-11-21

CVE-2019-2696

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (8.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-04-23
Modified: 2024-11-21

CVE-2019-2703

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (8.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-04-23
Modified: 2024-11-21

CVE-2019-2721

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (8.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-04-23
Modified: 2024-11-21

CVE-2019-2722

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (8.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-04-23
Modified: 2024-11-21

CVE-2019-2723

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (8.8) Vector: CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-04-26
Modified: 2025-02-07

CVE-2019-2725

Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services). Supported versions that are affected are 10.3.6.0.0 and 12.1.3.0.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle WebLogic Server. Successful attacks of this vulnerability can result in takeover of Oracle WebLogic Server. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).

Severity: CRITICAL (9.8) Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2848

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2850

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 2.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L).

Severity: LOW (2.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2859

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2863

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2864

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2865

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2866

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (8.2) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2867

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (8.2) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2873

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2874

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2875

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2876

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).

Severity: LOW (3.3) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

References:

Published: 2019-07-24
Modified: 2024-11-21

CVE-2019-2877

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (5.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

References:

Published: 2019-10-16
Modified: 2024-11-21

CVE-2019-2926

Severity: LOW (2.3) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L

References:

Published: 2019-10-16
Modified: 2024-11-21

CVE-2019-2944

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H).

Severity: HIGH (7.3) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H

References:

Published: 2019-10-16
Modified: 2024-11-21

CVE-2019-2984

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).

Severity: MEDIUM (6.0) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

References:

Published: 2019-10-16
Modified: 2024-11-21

CVE-2019-3002

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).

Severity: MEDIUM (6.0) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

References:

Published: 2019-10-16
Modified: 2024-11-21

CVE-2019-3005

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).

Severity: MEDIUM (6.0) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H

References:

Published: 2019-10-16
Modified: 2024-11-21

CVE-2019-3017

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (8.2) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-10-16
Modified: 2024-11-21

CVE-2019-3021

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

References:

Published: 2019-10-16
Modified: 2024-11-21

CVE-2019-3026

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

Severity: MEDIUM (6.5) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

References:

Published: 2019-10-16
Modified: 2024-11-21

CVE-2019-3028

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (8.8) Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

References:

Published: 2019-10-16
Modified: 2024-11-21

CVE-2019-3031

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Severity: MEDIUM (6.0) Vector: CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N

References:

Published: 2020-04-29
Modified: 2024-11-21

CVE-2020-2575

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).

Severity: HIGH (7.5) Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H

References: