Virtualization

CVEs (20)

CVE	Risk	CVSS	EPSS	Published	Description
CVE-2012-3221	0.03	—	0.00	Oct 17, 2012	Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, and 4.1 allows local users to affect availability via unknown vectors related to VirtualBox Core. NOTE: The previous information was obtained from the October 2012 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect interrupt handling."
CVE-2015-2581	0.00	—	0.01	Jul 16, 2015	Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.1 and 5.2 allows remote attackers to affect confidentiality and availability via unknown vectors related to JServer.
CVE-2014-0230	0.00	—	0.03	Jun 7, 2015	Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
CVE-2014-6459	0.00	—	0.01	Oct 15, 2014	Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2474, and CVE-2014-2476.
CVE-2014-2476	0.00	—	0.01	Oct 15, 2014	Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2474, and CVE-2014-6459.
CVE-2014-2475	0.00	—	0.01	Oct 15, 2014	Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv).
CVE-2014-2474	0.00	—	0.01	Oct 15, 2014	Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2476, and CVE-2014-6459.
CVE-2014-2473	0.00	—	0.01	Oct 15, 2014	Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv) and SGD SSL Daemon (ttassl).
CVE-2014-2472	0.00	—	0.01	Oct 15, 2014	Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2474, CVE-2014-2476, and CVE-2014-6459.
CVE-2014-2463	0.00	—	0.00	Apr 16, 2014	Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-4232.
CVE-2014-2439	0.00	—	0.00	Apr 16, 2014	Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Workspace Web Application.
CVE-2013-3834	0.00	—	0.01	Oct 16, 2013	Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5 allows remote attackers to affect availability via unknown vectors related to ttaauxserv.
CVE-2013-3782	0.00	—	0.00	Jul 17, 2013	Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 prior to 4.63 and 4.7 prior to 4.71 allows remote attackers to affect integrity via unknown vectors related to Web UI.
CVE-2013-3779	0.00	—	0.01	Jul 17, 2013	Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 releases including 4.63 and 4.7 prior to 4.71 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web UI.
CVE-2013-0420	0.00	—	0.00	Jan 17, 2013	Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core. NOTE: The previous information was obtained from the January 2013 Oracle CPU. Oracle has not commented on claims from another vendor that this issue is related to an incorrect comparison in the vga_draw_text function in Devices/Graphics/DevVGA.cpp, which can cause VirtualBox to "draw more lines than necessary."
CVE-2012-1685	0.00	—	0.01	Oct 16, 2012	Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 allows remote attackers to affect integrity via unknown vectors related to Core.
CVE-2012-0111	0.00	—	0.00	Jan 18, 2012	Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality and integrity via unknown vectors related to Shared Folders.
CVE-2012-0105	0.00	—	0.00	Jan 18, 2012	Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Windows Guest Additions.
CVE-2011-3571	0.00	—	0.00	Jan 18, 2012	Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) component in Oracle Virtualization 3.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Session. NOTE: this CVE identifier was accidentally used for a Concurrency issue in Java Runtime Environment, but that issue has been reassigned to CVE-2012-0507.
CVE-2011-3538	0.00	—	0.01	Oct 18, 2011	Unspecified vulnerability in the Sun Ray component in Oracle Virtualization 4.0 allows remote attackers to affect integrity, related to Authentication. NOTE: this identifier was inadvertently used for an Oracle Industry Applications issue involving TMS Help, but that issue has been assigned CVE-2011-2323.

CVE-2012-3221Oct 17, 2012
risk 0.03cvss —epss 0.00
Unspecified vulnerability in the Oracle VM Virtual Box component in Oracle Virtualization 3.2, 4.0, and 4.1 allows local users to affect availability via unknown vectors related to VirtualBox Core. NOTE: The previous information was obtained from the October 2012 CPU. Oracle has not commented on claims from another vendor that this issue is related to "incorrect interrupt handling."
CVE-2015-2581Jul 16, 2015
risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.1 and 5.2 allows remote attackers to affect confidentiality and availability via unknown vectors related to JServer.
CVE-2014-0230Jun 7, 2015
risk 0.00cvss —epss 0.03
Apache Tomcat 6.x before 6.0.44, 7.x before 7.0.55, and 8.x before 8.0.9 does not properly handle cases where an HTTP response occurs before finishing the reading of an entire request body, which allows remote attackers to cause a denial of service (thread consumption) via a series of aborted upload attempts.
CVE-2014-6459Oct 15, 2014
risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2474, and CVE-2014-2476.
CVE-2014-2476Oct 15, 2014
risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2474, and CVE-2014-6459.
CVE-2014-2475Oct 15, 2014
risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv).
CVE-2014-2474Oct 15, 2014
risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2472, CVE-2014-2476, and CVE-2014-6459.
CVE-2014-2473Oct 15, 2014
risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv) and SGD SSL Daemon (ttassl).
CVE-2014-2472Oct 15, 2014
risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect availability via vectors related to SGD Proxy Server (ttaauxserv), a different vulnerability than CVE-2014-2474, CVE-2014-2476, and CVE-2014-6459.
CVE-2014-2463Apr 16, 2014
risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 4.63, 4.71, 5.0, and 5.1 allows remote attackers to affect integrity via unknown vectors related to Workspace Web Application, a different vulnerability than CVE-2014-4232.
CVE-2014-2439Apr 16, 2014
risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Oracle Secure Global Desktop (SGD) component in Oracle Virtualization 5.0 and 5.1 allows remote attackers to affect confidentiality and integrity via unknown vectors related to Workspace Web Application.
CVE-2013-3834Oct 16, 2013
risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Oracle Secure Global Desktop component in Oracle Virtualization 5 allows remote attackers to affect availability via unknown vectors related to ttaauxserv.
CVE-2013-3782Jul 17, 2013
risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 prior to 4.63 and 4.7 prior to 4.71 allows remote attackers to affect integrity via unknown vectors related to Web UI.
CVE-2013-3779Jul 17, 2013
risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization All 4.6 releases including 4.63 and 4.7 prior to 4.71 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Web UI.
CVE-2013-0420Jan 17, 2013
risk 0.00cvss —epss 0.00
Unspecified vulnerability in the VirtualBox component in Oracle Virtualization 4.0, 4.1, and 4.2 allows local users to affect integrity and availability via unknown vectors related to Core. NOTE: The previous information was obtained from the January 2013 Oracle CPU. Oracle has not commented on claims from another vendor that this issue is related to an incorrect comparison in the vga_draw_text function in Devices/Graphics/DevVGA.cpp, which can cause VirtualBox to "draw more lines than necessary."
CVE-2012-1685Oct 16, 2012
risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Secure Global Desktop component in Oracle Virtualization 4.6 allows remote attackers to affect integrity via unknown vectors related to Core.
CVE-2012-0111Jan 18, 2012
risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality and integrity via unknown vectors related to Shared Folders.
CVE-2012-0105Jan 18, 2012
risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization 4.1 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Windows Guest Additions.
CVE-2011-3571Jan 18, 2012
risk 0.00cvss —epss 0.00
Unspecified vulnerability in the Virtual Desktop Infrastructure (VDI) component in Oracle Virtualization 3.2 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Session. NOTE: this CVE identifier was accidentally used for a Concurrency issue in Java Runtime Environment, but that issue has been reassigned to CVE-2012-0507.
CVE-2011-3538Oct 18, 2011
risk 0.00cvss —epss 0.01
Unspecified vulnerability in the Sun Ray component in Oracle Virtualization 4.0 allows remote attackers to affect integrity, related to Authentication. NOTE: this identifier was inadvertently used for an Oracle Industry Applications issue involving TMS Help, but that issue has been assigned CVE-2011-2323.