CVE-2016-15050 Nagios XI < 5.2.4 SQL Injection in Notification Search

Nagios XI versions prior to 5.2.4 contain a SQL injection vulnerability in the notification search functionality. User-supplied search parameters were incorporated into SQL statements without adequate parameterization or sanitation, allowing an authenticated user to manipulate database queries...

SUSE CVE-2019-2525

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualB...

CVE-2019-2506

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

UBUNTU-CVE-2019-2555

Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization subcomponent: Core. Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox...

CFME: reflected XSS in several places due to missing JavaScript escaping

Cross-site scripting XSS vulnerability in application/panelcontrol in CloudForms 3.0 Management Engine CFME before 5.2.4.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...