rpm package
opensuse/virtualbox&distro=openSUSE Leap 15.3
pkg:rpm/opensuse/virtualbox&distro=openSUSE%20Leap%2015.3
Vulnerabilities (60)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2022-21571 | — | < 6.1.36-lp153.2.33.2 | 6.1.36-lp153.2.33.2 | Jul 19, 2022 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.36. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox ex | ||
| CVE-2022-21554 | — | < 6.1.36-lp153.2.33.2 | 6.1.36-lp153.2.33.2 | Jul 19, 2022 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.36. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox ex | ||
| CVE-2022-21394 | — | < 6.1.32-lp153.2.21.1 | 6.1.32-lp153.2.21.1 | Jan 19, 2022 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.32. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox exe | ||
| CVE-2021-42386 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function | ||
| CVE-2021-42385 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function | ||
| CVE-2021-42384 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function | ||
| CVE-2021-42383 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function | ||
| CVE-2021-42382 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function | ||
| CVE-2021-42381 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function | ||
| CVE-2021-42380 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function | ||
| CVE-2021-42379 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function | ||
| CVE-2021-42378 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function | ||
| CVE-2021-42377 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered c | ||
| CVE-2021-42376 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input. | ||
| CVE-2021-42375 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input. | ||
| CVE-2021-42374 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that | ||
| CVE-2021-42373 | — | < 6.1.34-lp153.2.27.2 | 6.1.34-lp153.2.27.2 | Nov 15, 2021 | A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given | ||
| CVE-2021-35545 | — | < 6.1.28-lp153.2.12.1 | 6.1.28-lp153.2.12.1 | Oct 20, 2021 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox ex | ||
| CVE-2021-35542 | — | < 6.1.28-lp153.2.12.1 | 6.1.28-lp153.2.12.1 | Oct 20, 2021 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox ex | ||
| CVE-2021-35540 | — | < 6.1.28-lp153.2.12.1 | 6.1.28-lp153.2.12.1 | Oct 20, 2021 | Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox exe |
- CVE-2022-21571Jul 19, 2022affected < 6.1.36-lp153.2.33.2fixed 6.1.36-lp153.2.33.2
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.36. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox ex
- CVE-2022-21554Jul 19, 2022affected < 6.1.36-lp153.2.33.2fixed 6.1.36-lp153.2.33.2
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.36. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox ex
- CVE-2022-21394Jan 19, 2022affected < 6.1.32-lp153.2.21.1fixed 6.1.32-lp153.2.21.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.32. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox exe
- CVE-2021-42386Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the nvalloc function
- CVE-2021-42385Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
- CVE-2021-42384Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the handle_special function
- CVE-2021-42383Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the evaluate function
- CVE-2021-42382Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_s function
- CVE-2021-42381Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the hash_init function
- CVE-2021-42380Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the clrvar function
- CVE-2021-42379Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the next_input_file function
- CVE-2021-42378Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
A use-after-free in Busybox's awk applet leads to denial of service and possibly code execution when processing a crafted awk pattern in the getvar_i function
- CVE-2021-42377Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
An attacker-controlled pointer free in Busybox's hush applet leads to denial of service and possible code execution when processing a crafted shell command, due to the shell mishandling the &&& string. This may be used for remote code execution under rare conditions of filtered c
- CVE-2021-42376Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
A NULL pointer dereference in Busybox's hush applet leads to denial of service when processing a crafted shell command, due to missing validation after a \x03 delimiter character. This may be used for DoS under very rare conditions of filtered command input.
- CVE-2021-42375Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
An incorrect handling of a special element in Busybox's ash applet leads to denial of service when processing a crafted shell command, due to the shell mistaking specific characters for reserved characters. This may be used for DoS under rare conditions of filtered command input.
- CVE-2021-42374Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
An out-of-bounds heap read in Busybox's unlzma applet leads to information leak and denial of service when crafted LZMA-compressed input is decompressed. This can be triggered by any applet/format that
- CVE-2021-42373Nov 15, 2021affected < 6.1.34-lp153.2.27.2fixed 6.1.34-lp153.2.27.2
A NULL pointer dereference in Busybox's man applet leads to denial of service when a section name is supplied but no page argument is given
- CVE-2021-35545Oct 20, 2021affected < 6.1.28-lp153.2.12.1fixed 6.1.28-lp153.2.12.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox ex
- CVE-2021-35542Oct 20, 2021affected < 6.1.28-lp153.2.12.1fixed 6.1.28-lp153.2.12.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox ex
- CVE-2021-35540Oct 20, 2021affected < 6.1.28-lp153.2.12.1fixed 6.1.28-lp153.2.12.1
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). The supported version that is affected is Prior to 6.1.28. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox exe
Page 1 of 3