rpm package
opensuse/virtualbox&distro=openSUSE Leap 15.0
pkg:rpm/opensuse/virtualbox&distro=openSUSE%20Leap%2015.0
Vulnerabilities (67)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2018-3292 | — | < 6.0.10-lp151.2.6.1 | 6.0.10-lp151.2.6.1 | Oct 17, 2018 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB | ||
| CVE-2018-3291 | — | < 6.0.10-lp151.2.6.1 | 6.0.10-lp151.2.6.1 | Oct 17, 2018 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB | ||
| CVE-2018-3290 | — | < 6.0.10-lp151.2.6.1 | 6.0.10-lp151.2.6.1 | Oct 17, 2018 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB | ||
| CVE-2018-3289 | — | < 6.0.10-lp151.2.6.1 | 6.0.10-lp151.2.6.1 | Oct 17, 2018 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB | ||
| CVE-2018-3288 | — | < 6.0.10-lp151.2.6.1 | 6.0.10-lp151.2.6.1 | Oct 17, 2018 | Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB | ||
| CVE-2018-11784 | — | < 5.2.24-lp150.4.33.1 | 5.2.24-lp150.4.33.1 | Oct 4, 2018 | When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated | ||
| CVE-2018-11763 | — | < 5.2.24-lp150.4.33.1 | 5.2.24-lp150.4.33.1 | Sep 25, 2018 | In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 p |
- CVE-2018-3292Oct 17, 2018affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB
- CVE-2018-3291Oct 17, 2018affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB
- CVE-2018-3290Oct 17, 2018affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB
- CVE-2018-3289Oct 17, 2018affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB
- CVE-2018-3288Oct 17, 2018affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB
- CVE-2018-11784Oct 4, 2018affected < 5.2.24-lp150.4.33.1fixed 5.2.24-lp150.4.33.1
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated
- CVE-2018-11763Sep 25, 2018affected < 5.2.24-lp150.4.33.1fixed 5.2.24-lp150.4.33.1
In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 p
Page 4 of 4