opensuse/virtualbox&distro=openSUSE Leap 15.1

Vulnerabilities (96)

• CVE-2019-2448Jan 16, 2019
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O

• CVE-2019-2446Jan 16, 2019
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O

• CVE-2018-0734Oct 30, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  The OpenSSL DSA signature algorithm has been shown to be vulnerable to a timing side channel attack. An attacker could use variations in the signing algorithm to recover the private key. Fixed in OpenSSL 1.1.1a (Affected 1.1.1). Fixed in OpenSSL 1.1.0j (Affected 1.1.0-1.1.0i). Fi

• CVE-2018-3298Oct 17, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB

• CVE-2018-3297Oct 17, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB

• CVE-2018-3296Oct 17, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB

• CVE-2018-3295Oct 17, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB

• CVE-2018-3294Oct 17, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows low privileged attacker with network access via VRDP to compromise Oracle VM Virtu

• CVE-2018-3293Oct 17, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB

• CVE-2018-3292Oct 17, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB

• CVE-2018-3291Oct 17, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB

• CVE-2018-3290Oct 17, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB

• CVE-2018-3289Oct 17, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB

• CVE-2018-3288Oct 17, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB

• CVE-2018-11784Oct 4, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated

• CVE-2018-11763Sep 25, 2018
  affected < 6.0.10-lp151.2.6.1fixed 6.0.10-lp151.2.6.1

  In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 p