CVE-2021-2321

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromis...

(Pwn2Own) Oracle VirtualBox SLiRP Networking Heap-based Overflow Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the parsing...

(Pwn2Own) Oracle VirtualBox e1000 Out-Of-Bounds Read Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

Oracle Virtualization 缓冲区错误漏洞

Oracle Virtualization is a suite of virtualization solutions from Oracle. The product is used to unify the management of the entire hardware and software architecture from applications to disk, enabling virtualization from the desktop to the data center. A buffer error vulnerability exists in...

SUSE openSUSE 安全漏洞

openSUSE is a suite of Linux-based free operating systems and open source community projects from the German company SUSE. A security vulnerability exists in openSUSE VirtualBox, which can be exploited by an attacker to bypass restrictions and escalate his privileges by automatically booting...

MGASA-2021-0197 Updated virtualbox packages fix security vulnerabilities

This update provides the upstream 6.1.20 maintenance release that fixes at least the following security vulnerabilities: A difficult to exploit vulnerability in the Oracle VM VirtualBox component: Core prior to 6.1.20 allows high privileged attacker with logon to the infrastructure where Oracle V...

Updated virtualbox packages fix security vulnerabilities

This update provides the upstream 6.1.20 maintenance release that fixes at least the following security vulnerabilities: A difficult to exploit vulnerability in the Oracle VM VirtualBox component: Core prior to 6.1.20 allows high privileged attacker with logon to the infrastructure where Oracle V...

Information Disclosure

virtualbox is vulnerable to information disclosure. A local privileged user is able to gain access to confidential information due to lack of input validation...

Privilege Escalation

virtualbox is vulnerable to privilege escalation. An attacker is able to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox...

Privilege Escalation

virtualbox:sid is vulnerable privilege escalation. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantl...

Privilege Escalation

virtualbox:sid is vulnerable privilege escalation. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantl...

Authorization Bypass

virtualbox is vulnerable to authorization bypass. A local non-authenticated attacker is able to perform unauthorized data modification due to improper input validation within the Core component...

Privilege Escalation

virtualbox is vulnerable to privilege escalation. An attacker is able to logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox...

Privilege Escalation

virtualbox:sid is vulnerable privilege escalation. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantl...

Information Disclosure

virtualbox is vulnerable to information disclosure. A local non-authenticated attacker is able to gain access to confidential information due to improper input validation within the Core component...

Privilege Escalation

virtualbox is vulnerable to privilege escalation. An attacker is able to logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox...

Privilege Escalation

virtualbox:sid is vulnerable privilege escalation. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantl...

Authorization Bypass

virtualbox is vulnerable to authorization bypass. A local non-authenticated attacker is able to perform unauthorized modification of data due to improper input validation within the Core component...

CVE-2021-2296

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...

CVE-2021-2310

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization component: Core. The supported version that is affected is Prior to 6.1.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to...