PT-2026-34166

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.6 Description An issue in the Core component allows a high privileged attacker with logon access to the infrastructure where the software executes to compromise the system. Successful exploitation can result in...

PT-2026-3737

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox versions 7.1.14 and 7.2.4 Description An easily exploitable issue exists in the Oracle VM VirtualBox Core component, potentially allowing a high-privileged attacker with access to the system where Oracle VM VirtualBox runs...

PT-2026-34163

Name of the Vulnerable Software and Affected Versions Oracle VM VirtualBox version 7.2.6 Description An issue in the Core component of Oracle VM VirtualBox allows a high privileged attacker with logon access to the infrastructure where the software executes to compromise the system. Successful...

ROS-20251216-7336

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to an access control flaw. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information...

ROS-20251216-7338

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to an access control flaw. Exploitation of the vulnerability could allow an attacker to gain unauthorized access to protected information...

ROS-20251216-7337

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to an access control flaw. Exploitation of the vulnerability may allow an attacker to gain unauthorized access to protected information...

ROS-20251216-7343

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to access control flaws. Exploitation of the vulnerability could allow an attacker to gain full control over the application...

ROS-20251216-7341

A vulnerability in the qemuFwCfgMmioRead function of the Box/Devices/PC/DevQemuFwCfg.cpp component of the Oracle VM VirtualBox virtualization software tool is related to integer overflow. Exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...

ROS-20251216-7342

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to access control flaws. Exploitation of the vulnerability could allow an attacker to gain full control over the application...

ROS-20251216-7340

A vulnerability in the qemuFwCfgMmioRead function of the Box/Devices/PC/DevQemuFwCfg.cpp component of the Oracle VM VirtualBox virtualization software tool is related to integer overflow. Exploitation of the vulnerability may allow an intruder to gain unauthorized access to protected information...

ROS-20251216-7330

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to access control flaws. Exploitation of the vulnerability could allow an attacker to gain full control over the application...

ROS-20251216-7332

A vulnerability in the Core component of the Oracle VM VirtualBox virtualization software tool is related to access control flaws. Exploitation of the vulnerability could allow an attacker to gain full control over the application...

ROS-20251216-7322

A vulnerability in the "virtioCoreR3VirtqInfo" function of the "VBoxManage debugvm" command of the Oracle VM VirtualBox virtualization software tool is related to a stack-based buffer overflow. Exploitation of the vulnerability could allow an attacker to execute arbitrary code and gain unauthoriz...

Linux Distros Unpatched Vulnerability : CVE-2025-62587

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Easily...

Linux Distros Unpatched Vulnerability : CVE-2025-61759

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Easily...

Linux Distros Unpatched Vulnerability : CVE-2025-62589

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Easily...

Linux Distros Unpatched Vulnerability : CVE-2025-61760

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. Supported versions that are affected are 7.1.12 and 7.2.2. Difficult...

Oracle VirtualBox VMSVGA Stack-based Buffer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VMSVGA...

Oracle VirtualBox USB Use-After-Free Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the USB...

Oracle VirtualBox VMSVGA Integer Overflow Local Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the VMSVGA...