CVE-2019-2554

CVE-2019-2554 affects Oracle VM VirtualBox (Core). Affected are Oracle VM VirtualBox versions prior to 5.2.24 and prior to 6.0.2. According to the description, a low-privilege attacker who has logon to the infrastructure where VirtualBox runs can compromise VirtualBox, with potential unauthorized...

CVE-2019-2553

CVE-2019-2553 affects the Oracle VM VirtualBox Core component. Affected versions are prior to 5.2.24 and prior to 6.0.2. The issue is exploitable by a low-privileged, logon-based attacker ; successful exploitation can yield unauthorized read access to a subset of Oracle VM VirtualBox data. Public...

CVE-2019-2552

CVE-2019-2552 affects Oracle VM VirtualBox (Core) with affected versions prior to 5.2.24 and prior to 6.0.2. The issue is exploited locally by a low-privilege user who can log on to the infrastructure where VirtualBox runs, potentially leading to takeover of Oracle VM VirtualBox and significant i...

CVE-2019-2522

An active CVE entry for CVE-2019-2522 affects the Oracle VM VirtualBox core component. The vulnerability exists in affected Oracle VirtualBox releases prior to 5.2.24 and prior to 6.0.2. According to connected advisories, a low-privilege, logged-on attacker can compromise Oracle VM VirtualBox, wi...

CVE-2019-2527

CVE-2019-2527 affects the Oracle VM VirtualBox core component. The vulnerability is exploitable by a low-privilege, local attacker with logon access to the host environment where VirtualBox runs, and can lead to a hang or frequent crash (partial/complete DoS) of VirtualBox. Affected releases are ...

CVE-2019-2509

CVE-2019-2509 affects Oracle VM VirtualBox (Core). Affected: Oracle VM VirtualBox versions prior to 5.2.24 and prior to 6.0.2. Root cause: vulnerability in VirtualBox core that enables a low-privileged attacker with logon to the infrastructure running VirtualBox to crash or hang the VM platform (...

CVE-2019-2526

CVE-2019-2526 is a local, high-severity vulnerability in the Oracle VM VirtualBox Core component (affecting 5.2.x before 5.2.24 and 6.0.x before 6.0.2). Exploitation requires logon to the infrastructure hosting VirtualBox; successful exploits can lead to takeover of Oracle VM VirtualBox. OpenSUSE...

CVE-2019-2520

CVE-2019-2520 is a vulnerability in the Oracle VM VirtualBox Core component. Public documentation confirms a vulnerability with Local access, enabling low-privilege logon attackers to compromise VirtualBox, potentially affecting other products. Affected versions are before 5.2.24 (and before 6.0....

CVE-2019-2555

CVE-2019-2555 concerns a vulnerability in the Oracle VM VirtualBox Core subcomponent. Affected are Open VirtualBox versions prior to 5.2.24 and prior to 6.0.2. The issue is described as easily exploitable, allowing a low-privileged attacker with logon to the infrastructure where VirtualBox runs t...

CVE-2019-2556

CVE-2019-2556 affects Oracle VM VirtualBox (Core) with affected builds prior to 5.2.24 and prior to 6.0.2. The issue is exploitable locally: an attacker who can log on to the host infrastructure can compromise VirtualBox, with potential impact to data confidentiality. Public documents from OpenSU...

CVE-2019-2548

CVE-2019-2548 affects Oracle VM VirtualBox Core with vulnerable paths in the OpenGL/HGCM pipeline. The Oracle VirtualBox components for hosts prior to 5.2.24 and 6.0.2 are exploitable when a low-privileged user with logon can trigger an attacker-controlled call chain. Public material in connected...

CVE-2019-2505

CVE-2019-2505 affects Oracle VM VirtualBox (Core) with affected versions before 5.2.24 and before 6.0.2. It is a local, low-privilege vulnerability that can allow read access to a subset of VirtualBox data; exploitation requires logon to the host where VirtualBox runs and can impact other product...

CVE-2019-2511

CVE-2019-2511 affects the Oracle VM VirtualBox core component. Affected versions are prior to 5.2.24 and prior to 6.0.2; exploitation occurs over the network via SOAP by an unauthenticated attacker, leading to a hang or complete denial-of-service of VirtualBox. Remediation observed in connected a...

CVE-2019-2500

The CVE-2019-2500 issue affects Oracle VM VirtualBox (Core subcomponent) in affected releases before 5.2.24 and before 6.0.2. The vulnerability is described as easily exploitable with a low-privilege attacker who can log on to the infrastructure where VirtualBox runs, potentially leading to takeo...

CVE-2019-2451

CVE-2019-2451 is a vulnerability in the Oracle VM VirtualBox core component. Affected products are Oracle VM VirtualBox versions before 5.2.24 and before 6.0.2. The issue is described as an easily exploitable, local/low-privilege flaw that allows a user with logon to the infrastructure where Virt...

CVE-2019-2446

CVE-2019-2446 affects Oracle VM VirtualBox (Core) with vulnerable OpenGL/guest-VM handling prior to 5.2.24 and prior to 6.0.2. Exploitation could allow a low-privileged user with logon to the host infrastructure to access or compromise data within VirtualBox. Public advisories from OpenSUSE/Magei...

CVE-2019-2450

CVE-2019-2450 affects Oracle VM VirtualBox (Core) with affected versions prior to 5.2.24 and prior to 6.0.2. The issue is exploitable by a low-privilege user that can log on to the infrastructure where VirtualBox runs, potentially leading to unauthorized access to data or complete access to data ...

CVE-2019-2523

CVE-2019-2523 is a vulnerability in the Oracle VM VirtualBox Core component. Affected products/versions include Oracle VM VirtualBox < 5.2.24 and

CVE-2019-2521

CVE-2019-2521 affects the Oracle VM VirtualBox core component. Public details in connected docs show affected product family as Oracle VM VirtualBox with vulnerable releases in OpenSUSE/Mageia advisories. The vulnerability exists in VirtualBox before version 5.2.24 (and before 6.0.2 for some line...

CVE-2019-2524

CVE-2019-2524 affects the Oracle VM VirtualBox core. Affected versions are before 5.2.24 and before 6.0.2. The vulnerability allows a low-privileged attacker with local logon to compromise VirtualBox, with potential impact on additional products and possible takeover of VirtualBox. The CVSS v3.0 ...