The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Computer vulnerabilities of VirtualBox

Apache httpd: information disclosure via mod_auth_digest
An attacker can bypass access restrictions to data via mod_auth_digest of Apache httpd, in order to obtain sensitive information...
APPLE-SA-2017-09-25-1, bulletinjul2017, cpuoct2017, CVE-2017-9788, DLA-1028-1, DSA-3913-1, HT208144, HT208221, JSA10838, openSUSE-SU-2017:2016-1, RHSA-2017:2478-01, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3113-01, RHSA-2017:3114-01, RHSA-2017:3193-01, RHSA-2017:3194-01, RHSA-2017:3195-01, RHSA-2017:3239-01, RHSA-2017:3240-01, SYMSA1457, USN-3370-1, USN-3370-2, VIGILANCE-VUL-23249
Apache httpd: out-of-bounds memory reading via mod_mime
An attacker can force a read at an invalid address via mod_mime of Apache httpd, in order to trigger a denial of service, or to obtain sensitive information...
APPLE-SA-2017-09-25-1, bulletinjul2017, cpuoct2017, CVE-2017-7679, DLA-1009-1, DSA-2019-131, DSA-2019-197, DSA-3896-1, FEDORA-2017-9ded7c5670, FEDORA-2017-cf9599a306, HT208144, HT208221, JSA10838, K75429050, openSUSE-SU-2017:1803-1, RHSA-2017:2478-01, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3193-01, RHSA-2017:3194-01, RHSA-2017:3195-01, SB10206, SSA:2017-180-03, STORM-2017-003, USN-3340-1, USN-3373-1, VIGILANCE-VUL-23004
Apache httpd: out-of-bounds memory reading via ap_find_token
An attacker can force a read at an invalid address via ap_find_token() of Apache httpd, in order to trigger a denial of service, or to obtain sensitive information...
APPLE-SA-2017-09-25-1, bulletinjul2017, CERTFR-2017-AVI-218, cpuoct2017, CVE-2017-7668, DLA-1009-1, DSA-2019-131, DSA-2019-197, DSA-3896-1, FEDORA-2017-9ded7c5670, FEDORA-2017-cf9599a306, HT208144, HT208221, JSA10838, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3193-01, RHSA-2017:3194-01, SB10206, SSA:2017-180-03, STORM-2017-003, USN-3340-1, USN-3373-1, VIGILANCE-VUL-23003
Apache httpd: NULL pointer dereference via mod_ssl
An attacker can force a NULL pointer to be dereferenced via mod_ssl of Apache httpd, in order to trigger a denial of service...
APPLE-SA-2017-09-25-1, bulletinjul2017, CERTFR-2017-AVI-218, cpuoct2017, CVE-2017-3169, DLA-1009-1, DSA-2019-131, DSA-2019-197, DSA-3896-1, FEDORA-2017-9ded7c5670, FEDORA-2017-cf9599a306, HT208144, HT208221, JSA10838, K83043359, openSUSE-SU-2017:1803-1, RHSA-2017:2478-01, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3193-01, RHSA-2017:3194-01, RHSA-2017:3195-01, SB10206, SSA:2017-180-03, STORM-2017-003, USN-3340-1, USN-3373-1, VIGILANCE-VUL-23001
Apache httpd: privilege escalation via ap_get_basic_auth_pw
An attacker can bypass restrictions of a module developed with ap_get_basic_auth_pw() of Apache httpd, in order to escalate his privileges...
APPLE-SA-2017-09-25-1, bulletinjul2017, CERTFR-2017-AVI-218, cpuoct2017, CVE-2017-3167, DLA-1009-1, DSA-2019-131, DSA-2019-197, DSA-3896-1, FEDORA-2017-9ded7c5670, FEDORA-2017-cf9599a306, HT208144, HT208221, JSA10838, K34125394, openSUSE-SU-2017:1803-1, RHSA-2017:2478-01, RHSA-2017:2479-01, RHSA-2017:2483-01, RHSA-2017:3193-01, RHSA-2017:3194-01, RHSA-2017:3195-01, SSA:2017-180-03, USN-3340-1, USN-3373-1, VIGILANCE-VUL-23000
Oracle VM VirtualBox: multiple vulnerabilities
An attacker can use several vulnerabilities of Oracle VM VirtualBox...
1086, 1091, 1103, 1136, 1141, 1227, CERTFR-2017-AVI-121, cpuapr2017, CVE-2017-3513, CVE-2017-3558, CVE-2017-3559, CVE-2017-3561, CVE-2017-3563, CVE-2017-3575, CVE-2017-3576, CVE-2017-3587, openSUSE-SU-2017:1141-1, openSUSE-SU-2017:1142-1, VIGILANCE-VUL-22495
Oracle VM VirtualBox: escape to host file system via shared folders
An attacker in a gest system can attempts many parallel access to shared folders in Oracle VM VirtualBox, in order to get access to the whole Linux host filesystem...
1037, cpuapr2017, CVE-2017-3538, openSUSE-SU-2017:1141-1, openSUSE-SU-2017:1142-1, VIGILANCE-VUL-22468
OpenSSL: denial of service via the "Encrypt-Then-Mac" option
An attacker can change the state of the "Encrypt-Then-Mac" TLS option in a renegotiation with a server or client based on OpenSSL, in order to trigger a denial of service...
2003480, 2003620, 2003673, 2004940, CERTFR-2017-AVI-035, cisco-sa-20170130-openssl, cpuapr2019, cpujan2018, cpuoct2017, CVE-2017-3733, HPESBGN03728, VIGILANCE-VUL-21871
OpenSSL: multiple vulnerabilities
An attacker can use several vulnerabilities of OpenSSL...
1117414, 2000544, 2000988, 2000990, 2002331, 2004036, 2004940, 2009389, 2010154, 2011567, 2012827, 2014202, 2014651, 2014669, 2015080, BSA-2016-204, BSA-2016-207, BSA-2016-211, BSA-2016-212, BSA-2016-213, BSA-2016-216, BSA-2016-234, bulletinapr2017, bulletinjan2018, bulletinoct2017, CERTFR-2017-AVI-035, CERTFR-2018-AVI-343, cisco-sa-20170130-openssl, cpuapr2017, cpuapr2019, cpujan2018, cpujul2017, cpujul2018, cpuoct2017, CVE-2016-7055, CVE-2017-3730, CVE-2017-3731, CVE-2017-3732, DLA-814-1, DSA-2020-062, DSA-3773-1, FEDORA-2017-3451dbec48, FEDORA-2017-e853b4144f, FG-IR-17-019, FreeBSD-SA-17:02.openssl, ibm10732391, ibm10733905, ibm10738249, ibm10738401, JSA10775, JSA10990, K37526132, K43570545, K44512851, K-510805, NTAP-20170127-0001, NTAP-20170310-0002, NTAP-20180201-0001, openSUSE-SU-2017:0481-1, openSUSE-SU-2017:0487-1, openSUSE-SU-2017:0527-1, openSUSE-SU-2017:0941-1, openSUSE-SU-2017:2011-1, openSUSE-SU-2017:2868-1, openSUSE-SU-2018:0458-1, PAN-70674, PAN-73914, PAN-SA-2017-0012, PAN-SA-2017-0014, PAN-SA-2017-0016, RHSA-2017:0286-01, RHSA-2018:2568-01, RHSA-2018:2575-01, SA141, SA40423, SB10188, SSA:2017-041-02, SUSE-SU-2018:0112-1, SUSE-SU-2018:2839-1, SUSE-SU-2018:3082-1, TNS-2017-03, USN-3181-1, VIGILANCE-VUL-21692
Oracle VirtualBox: vulnerabilities of January 2017
An attacker can use several vulnerabilities of Oracle VirtualBox...
1037, CERTFR-2017-AVI-019, cpujan2017, CVE-2016-5545, CVE-2017-3290, CVE-2017-3316, CVE-2017-3332, openSUSE-SU-2017:0332-1, openSUSE-SU-2017:0382-1, VIGILANCE-VUL-21611
Our database contains other pages. You can request a free trial to read them.

Display information about VirtualBox: