rpm package

opensuse/virtualbox&distro=openSUSE Tumbleweed

pkg:rpm/opensuse/virtualbox&distro=openSUSE%20Tumbleweed

Vulnerabilities (87)

CVE	CVSS	Affected versions	Fixed in	Published	Description
CVE-2020-2681	—	< 6.1.26-3.2	6.1.26-3.2	Jan 15, 2020	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastruc
CVE-2020-2674	—	< 6.1.26-3.2	6.1.26-3.2	Jan 15, 2020	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru
CVE-2019-3028	—	< 6.1.26-3.2	6.1.26-3.2	Oct 16, 2019	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracl
CVE-2019-2984	—	< 6.1.26-3.2	6.1.26-3.2	Oct 16, 2019	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Orac
CVE-2019-2926	—	< 6.1.26-3.2	6.1.26-3.2	Oct 16, 2019	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Orac
CVE-2019-2859	—	< 6.1.26-3.2	6.1.26-3.2	Jul 23, 2019	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where
CVE-2019-2848	—	< 6.1.26-3.2	6.1.26-3.2	Jul 23, 2019	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where
CVE-2019-2722	—	< 6.1.26-3.2	6.1.26-3.2	Apr 23, 2019	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O
CVE-2019-2678	—	< 6.1.26-3.2	6.1.26-3.2	Apr 23, 2019	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O
CVE-2019-2656	—	< 6.1.26-3.2	6.1.26-3.2	Apr 23, 2019	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O
CVE-2019-2521	—	< 6.1.26-3.2	6.1.26-3.2	Jan 16, 2019	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where
CVE-2019-2501	—	< 6.1.26-3.2	6.1.26-3.2	Jan 16, 2019	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O
CVE-2019-2500	—	< 6.1.26-3.2	6.1.26-3.2	Jan 16, 2019	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O
CVE-2019-2450	—	< 6.1.26-3.2	6.1.26-3.2	Jan 16, 2019	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O
CVE-2018-3294	—	< 6.1.26-3.2	6.1.26-3.2	Oct 17, 2018	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows low privileged attacker with network access via VRDP to compromise Oracle VM Virtu
CVE-2018-3288	—	< 6.1.26-3.2	6.1.26-3.2	Oct 17, 2018	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB
CVE-2018-11784	—	< 6.1.26-3.2	6.1.26-3.2	Oct 4, 2018	When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated
CVE-2018-11763	—	< 6.1.26-3.2	6.1.26-3.2	Sep 25, 2018	In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 p
CVE-2018-3087	—	< 6.1.26-3.2	6.1.26-3.2	Jul 18, 2018	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB
CVE-2018-3005	—	< 6.1.26-3.2	6.1.26-3.2	Jul 18, 2018	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB

CVE-2020-2681Jan 15, 2020
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastruc
CVE-2020-2674Jan 15, 2020
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastru
CVE-2019-3028Oct 16, 2019
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracl
CVE-2019-2984Oct 16, 2019
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Orac
CVE-2019-2926Oct 16, 2019
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Orac
CVE-2019-2859Jul 23, 2019
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where
CVE-2019-2848Jul 23, 2019
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where
CVE-2019-2722Apr 23, 2019
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O
CVE-2019-2678Apr 23, 2019
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O
CVE-2019-2656Apr 23, 2019
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O
CVE-2019-2521Jan 16, 2019
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where
CVE-2019-2501Jan 16, 2019
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O
CVE-2019-2500Jan 16, 2019
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O
CVE-2019-2450Jan 16, 2019
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are prior to 5.2.24 and prior to 6.0.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where O
CVE-2018-3294Oct 17, 2018
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows low privileged attacker with network access via VRDP to compromise Oracle VM Virtu
CVE-2018-3288Oct 17, 2018
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB
CVE-2018-11784Oct 4, 2018
affected < 6.1.26-3.2fixed 6.1.26-3.2
When the default servlet in Apache Tomcat versions 9.0.0.M1 to 9.0.11, 8.5.0 to 8.5.33 and 7.0.23 to 7.0.90 returned a redirect to a directory (e.g. redirecting to '/foo/' when the user requested '/foo') a specially crafted URL could be used to cause the redirect to be generated
CVE-2018-11763Sep 25, 2018
affected < 6.1.26-3.2fixed 6.1.26-3.2
In Apache HTTP Server 2.4.17 to 2.4.34, by sending continuous, large SETTINGS frames a client can occupy a connection, server thread and CPU time without any connection timeout coming to effect. This affects only HTTP/2 connections. A possible mitigation is to not enable the h2 p
CVE-2018-3087Jul 18, 2018
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB
CVE-2018-3005Jul 18, 2018
affected < 6.1.26-3.2fixed 6.1.26-3.2
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.16. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualB

Page 3 of 5