cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-21273,https://securityvulnerability.io/vulnerability/CVE-2024-21273,Oracle VM VirtualBox Vulnerability Allows High Privilege Attacks,"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.22 and  prior to 7.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).",Oracle,Oracle Vm Virtualbox,6,MEDIUM,0.0004400000034365803,false,false,false,false,,false,false,2024-10-15T19:52:59.137Z,0
CVE-2024-21263,https://securityvulnerability.io/vulnerability/CVE-2024-21263,Oracle VM VirtualBox Vulnerability Could Lead to Hang or Crash,Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.22 and  prior to 7.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox and  unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.1 (Confidentiality and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:H).,Oracle,Oracle Vm Virtualbox,6.1,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-10-15T19:52:55.265Z,0
CVE-2024-21259,https://securityvulnerability.io/vulnerability/CVE-2024-21259,Vulnerability in Oracle VM VirtualBox Could Allow High Privileged Attacker to Compromise the Product,"A vulnerability has been identified in Oracle VM VirtualBox that could allow high privileged attackers, with access to the underlying infrastructure, to exploit the product. Specifically, this vulnerability affects versions prior to 7.0.22 and 7.1.2, enabling potential takeover of the VirtualBox environment. While the primary impact is on Oracle VM VirtualBox, successful exploitation may also influence other related products, potentially broadening the scope of the attack. This highlights the need for immediate patching and robust security measures to mitigate associated risks.",Oracle,Oracle Vm Virtualbox,7.5,HIGH,0.0005600000149570405,false,false,false,false,,false,false,2024-10-15T19:52:53.966Z,0
CVE-2024-21253,https://securityvulnerability.io/vulnerability/CVE-2024-21253,Vulnerability in Oracle VM VirtualBox Allowing High Privileged Attacks,Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.22. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 2.3 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).,Oracle,Oracle Vm Virtualbox,2.3,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-10-15T19:52:52.331Z,0
CVE-2024-21248,https://securityvulnerability.io/vulnerability/CVE-2024-21248,Vulnerability in Oracle VM VirtualBox Could Allow Low-Privileged Attackers to Compromise the Platform,"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.22 and  prior to 7.1.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as  unauthorized read access to a subset of Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 5.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:L/A:L).",Oracle,Oracle Vm Virtualbox,5.3,MEDIUM,0.0005499999970197678,false,false,false,false,,false,false,2024-10-15T19:52:50.788Z,0
CVE-2024-21141,https://securityvulnerability.io/vulnerability/CVE-2024-21141,Oracle VM VirtualBox Vulnerability Allows High Privileged Attackers to Takeover,"A vulnerability exists in Oracle VM VirtualBox, where high-privileged attackers with authentication may exploit the system to compromise its functionality. This flaw resides within the core component of Oracle VM VirtualBox, impacting not only the virtualization software itself but potentially spreading its effects to other connected products. The exploitation of this vulnerability leads to unauthorized access and control over Oracle VM VirtualBox instances, exposing critical data and system integrity. The vulnerability requires authenticated access, making it crucial for organizations utilizing Oracle VM VirtualBox to implement recommended security measures to mitigate risks associated with this flaw.",Oracle,Vm Virtualbox,8.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-07-16T23:15:00.000Z,0
CVE-2024-21161,https://securityvulnerability.io/vulnerability/CVE-2024-21161,Oracle VM VirtualBox Vulnerability,Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.20. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 5.5 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).,Oracle,Vm Virtualbox,5.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-07-16T23:15:00.000Z,0
CVE-2024-21164,https://securityvulnerability.io/vulnerability/CVE-2024-21164,Vulnerability in Oracle VM VirtualBox Could Allow High Privileged Attackers to Compromise Virtual Machine Data,"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.20. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 2.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:L/I:N/A:N).",Oracle,Vm Virtualbox,2.5,LOW,0.0012499999720603228,false,false,false,false,,false,false,2024-07-16T23:15:00.000Z,0
CVE-2024-21111,https://securityvulnerability.io/vulnerability/CVE-2024-21111,Oracle VM VirtualBox Vulnerability Allows Low Privileged Attackers to Compromise Virtual Machine,"A security vulnerability has been identified in the Oracle VM VirtualBox component of Oracle Virtualization that affects versions prior to 7.0.16. This flaw allows an attacker with low privileges to access the infrastructure where Oracle VM VirtualBox operates, potentially leading to a full compromise of the software. The vulnerability specifically impacts Windows host environments, enabling attackers to gain undue control over Oracle VM VirtualBox, which could lead to significant security breaches affecting the confidentiality, integrity, and availability of the affected systems.",Oracle,Vm Virtualbox,7.8,HIGH,0.0004299999854993075,false,true,true,true,true,true,false,2024-04-16T22:15:00.000Z,4303
CVE-2024-21110,https://securityvulnerability.io/vulnerability/CVE-2024-21110,Oracle VM VirtualBox Vulnerability Allows Low Privileged Attackers to Compromise Virtual Machine,"A vulnerability exists in the Oracle VM VirtualBox product from Oracle Virtualization, specifically in the Core component. The issue affects all supported versions prior to 7.0.16. This vulnerability can be easily exploited by a low-privileged attacker who has logged into the settings infrastructure of Oracle VM VirtualBox. It requires interaction from a user other than the attacker to execute a successful attack. If an attack is successful, it can lead to the full takeover of the Oracle VM VirtualBox environment, compromising the integrity, confidentiality, and availability of the system.",Oracle,Vm Virtualbox,7.3,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21103,https://securityvulnerability.io/vulnerability/CVE-2024-21103,Oracle VM VirtualBox Vulnerability Allows Low Privileged Attackers to Compromise Virtual Machine,"A vulnerability exists in the Oracle VM VirtualBox, specifically within the Core component, allowing an attacker with low privileges to gain unauthorized control over the software when operating on Linux hosts. Any version prior to 7.0.16 is susceptible to exploitation, potentially leading to a complete takeover of the Oracle VM VirtualBox environment. This threat underscores the importance of adhering to security updates and patches to mitigate exposure.",Oracle,Vm Virtualbox,7.8,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21109,https://securityvulnerability.io/vulnerability/CVE-2024-21109,Unauthenticated Vulnerability in Oracle VM VirtualBox by Oracle,"A serious vulnerability exists in Oracle VM VirtualBox, a widely used virtualization software from Oracle. This issue affects all supported versions prior to 7.0.16 and allows unauthenticated attackers with network access via HTTP to exploit the system. If successfully exploited, attackers could gain unauthorized access to critical data, potentially compromising the integrity and confidentiality of the data stored in Oracle VM VirtualBox environments. Organizations using this software are advised to update to the latest version immediately to mitigate this risk.",Oracle,Vm Virtualbox,5.9,MEDIUM,0.0012499999720603228,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21112,https://securityvulnerability.io/vulnerability/CVE-2024-21112,Oracle VM VirtualBox Vulnerability Allows Low Privileged Attackers to Compromise Virtual Machine,"A vulnerability exists in the Oracle VM VirtualBox product, specifically within its core component, impacting all supported versions prior to 7.0.16. This security flaw allows low privileged attackers with logon access to the infrastructure where Oracle VM VirtualBox operates to exploit and compromise the virtualization environment. Although the vulnerability resides within Oracle VM VirtualBox, its exploitation can lead to significant impacts on additional products, thereby expanding the scope of potential risks. Successful exploitation can enable an attacker to take over the Oracle VM VirtualBox, compromising confidentiality, integrity, and availability within the affected system.",Oracle,Vm Virtualbox,8.8,HIGH,0.0012499999720603228,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21121,https://securityvulnerability.io/vulnerability/CVE-2024-21121,Vulnerability in Oracle VM VirtualBox Could Allow Low-Privileged Attackers to Compromise the Product,"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in  unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).",Oracle,Vm Virtualbox,6.5,MEDIUM,0.0012499999720603228,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21106,https://securityvulnerability.io/vulnerability/CVE-2024-21106,Vulnerability in Oracle VM VirtualBox Could Allow for Hang or Crash (CVE-2023-2715),"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change).  Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.5 (Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).",Oracle,Vm Virtualbox,6.5,MEDIUM,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21116,https://securityvulnerability.io/vulnerability/CVE-2024-21116,Oracle VM VirtualBox Vulnerability Allows Low Privileged Attackers to Compromise Virtual Machine,"A vulnerability exists within the Oracle VM VirtualBox product line that could allow a low privileged attacker with access to the infrastructure where Oracle VM VirtualBox runs to compromise the application. Specifically, this issue is present in versions prior to 7.0.16 and is applicable only to Linux hosts. Exploitation of this vulnerability can lead to complete takeover of the Oracle VM VirtualBox environment, impacting confidentiality, integrity, and availability. Organizations utilizing Oracle VM VirtualBox must prioritize updating to the latest version and implement robust security measures to mitigate associated risks.",Oracle,Vm Virtualbox,7.8,HIGH,0.0012499999720603228,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21114,https://securityvulnerability.io/vulnerability/CVE-2024-21114,Oracle VM VirtualBox Vulnerability Allows Low Privileged Attackers to Compromise Virtual Machine,"A vulnerability exists in the Oracle VM VirtualBox product of Oracle Virtualization, specifically within the Core component. This flaw affects versions prior to 7.0.16 and is deemed easily exploitable by a low privileged attacker who has access to the infrastructure where Oracle VM VirtualBox operates. If exploited successfully, this vulnerability can lead to a complete takeover of Oracle VM VirtualBox. Furthermore, while the vulnerability is rooted in Oracle VM VirtualBox, its impacts may extend beyond this product, potentially affecting other systems. The implications include serious concerns regarding confidentiality, integrity, and availability of the affected environments.",Oracle,Vm Virtualbox,8.8,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21107,https://securityvulnerability.io/vulnerability/CVE-2024-21107,Oracle VM VirtualBox Vulnerability Allows High Privileged Attackers to Compromise Virtual Machine,"Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).  Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox.  Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).",Oracle,Vm Virtualbox,6.7,MEDIUM,0.0004299999854993075,false,false,false,true,true,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21113,https://securityvulnerability.io/vulnerability/CVE-2024-21113,Oracle VM VirtualBox Vulnerability Allows Low Privileged Attackers to Compromise Virtual Machine,"An exploitable vulnerability exists in Oracle VM VirtualBox that allows low privileged attackers who have logged on to the infrastructure to compromise the virtualization environment. This issue specifically impacts supported versions prior to 7.0.16. Although the primary vulnerability resides within Oracle VM VirtualBox, successful attacks can extend to affect additional products, highlighting a potential scope change in the security posture. Exploitation of this vulnerability could lead to a complete takeover of the Oracle VM VirtualBox, significantly jeopardizing the confidentiality, integrity, and availability of not just the affected product, but also other connected systems.",Oracle,Vm Virtualbox,8.8,HIGH,0.0012499999720603228,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21115,https://securityvulnerability.io/vulnerability/CVE-2024-21115,Oracle VM VirtualBox Vulnerability Allows Low Privileged Attackers to Compromise Virtual Machine,"The vulnerability present in Oracle VM VirtualBox may allow low-privileged attackers with access to the infrastructure where the application runs to take control of the system. Although the defect is specifically within Oracle VM VirtualBox, the impact can extend to other interconnected systems, heightening the potential risk. Affected versions prior to 7.0.16 are particularly susceptible, facilitating unauthorized access that could compromise confidentiality, integrity, and availability of the virtual environment.",Oracle,Vm Virtualbox,8.8,HIGH,0.0012499999720603228,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2024-21108,https://securityvulnerability.io/vulnerability/CVE-2024-21108,Oracle VM VirtualBox Vulnerability Allows Low Privileged Attackers to Compromise Virtual Machine Data,"A vulnerability exists in Oracle VM VirtualBox, specifically within the Core component, which can be exploited by a low privileged attacker with logon access to the host where Oracle VM VirtualBox is running. If successfully exploited, this vulnerability can lead to unauthorized read access to sensitive data accessible within the Oracle VM VirtualBox environment. The issue is present in versions prior to 7.0.16, emphasizing the need for users to update to the most recent version to mitigate potential risks.",Oracle,Vm Virtualbox,3.3,LOW,0.0004299999854993075,false,false,false,false,,false,false,2024-04-16T22:15:00.000Z,0
CVE-2023-22100,https://securityvulnerability.io/vulnerability/CVE-2023-22100,Vulnerability in Oracle VM VirtualBox by Oracle,"A vulnerability exists in Oracle VM VirtualBox prior to version 7.0.12 that allows a high-privileged attacker, who has access to the virtualization infrastructure, to exploit the weakness. This may lead to unauthorized access to sensitive data or full control over all data accessible by Oracle VM VirtualBox. Additionally, the vulnerability can trigger denial of service, causing frequent crashes or hangs of the Oracle VM VirtualBox service. This susceptibility necessitates prompt updates to mitigate potential risks.",Oracle,VM VirtualBox,7.9,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-10-17T22:15:00.000Z,0
CVE-2023-22098,https://securityvulnerability.io/vulnerability/CVE-2023-22098,"Oracle VM VirtualBox Vulnerability Could Lead to Hang or Crash, Data Tampering","The vulnerability identified in Oracle VM VirtualBox affects versions prior to 7.0.12 and allows a high privileged attacker with access to the VirtualBox environment to compromise the software. Exploitation of this vulnerability can lead to unauthorized actions, including causing a denial of service (DoS) by inducing frequent crashes or hangs. Furthermore, these attacks may provide the attacker with unauthorized access to modify, delete, or insert data within Oracle VM VirtualBox. Additionally, certain data accessible within Oracle VM VirtualBox can be read without authorization, amplifying the impact across related products.",Oracle,VM VirtualBox,7.3,HIGH,0.0004299999854993075,false,false,false,true,true,true,false,2023-10-17T22:15:00.000Z,0
CVE-2023-22099,https://securityvulnerability.io/vulnerability/CVE-2023-22099,Privilege Escalation Vulnerability in Oracle VM VirtualBox by Oracle,"An exploitable vulnerability exists in Oracle VM VirtualBox that allows a high-privileged attacker with access to the infrastructure where the virtualization software runs to compromise the system. The flaw primarily affects versions prior to 7.0.12, and while it is confined to Oracle VM VirtualBox, successful exploitation could lead to significant security ramifications across related systems and services. Thus, organizations utilizing Oracle VM VirtualBox need to prioritize the application of security updates to mitigate potential risks.",Oracle,Vm Virtualbox,8.2,HIGH,0.0004299999854993075,false,false,false,false,,false,false,2023-10-17T22:15:00.000Z,0
CVE-2023-22018,https://securityvulnerability.io/vulnerability/CVE-2023-22018,Network Access Vulnerability in Oracle VM VirtualBox by Oracle,"A vulnerability exists in Oracle VM VirtualBox that allows an unauthenticated attacker with network access through RDP to potentially take control of the application. Supported versions prior to 6.1.46 and 7.0.10 are affected. This weakness poses a risk to confidentiality, integrity, and availability of the virtual environment, making it essential for users to urgently apply patches and updates.",Oracle,Vm Virtualbox,8.1,HIGH,0.001769999973475933,false,false,false,false,,false,false,2023-07-18T21:15:00.000Z,0