CVSS: 7.2EPSS: 0%CPEs: 6EXPL: 1CVE-2020-15780 – kernel: lockdown: bypass through ACPI write via acpi_configfs
https://notcve.org/view.php?id=CVE-2020-15780
15 Jul 2020 — An issue was discovered in drivers/acpi/acpi_configfs.c in the Linux kernel before 5.7.7. Injection of malicious ACPI tables via configfs could be used by attackers to bypass lockdown and secure boot restrictions, aka CID-75b0cea7bf30. Se detectó un problema en el archivo drivers/acpi/acpi_configfs.c en el kernel de Linux versiones anteriores a 5.7.7. Una inyección de tablas ACPI maliciosas por medio de configfs podría ser usada por atacantes para omitir el bloqueo y asegurar las restricciones de arranque, ... • https://github.com/Annavid/CVE-2020-15780-exploit • CWE-284: Improper Access Control CWE-862: Missing Authorization •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14707 – Gentoo Linux Security Advisory 202101-09
https://notcve.org/view.php?id=CVE-2020-14707
15 Jul 2020 — Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ab... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html •
CVSS: 6.5EPSS: 0%CPEs: 6EXPL: 0CVE-2020-14711 – Gentoo Linux Security Advisory 202101-09
https://notcve.org/view.php?id=CVE-2020-14711
15 Jul 2020 — Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Or... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html •
CVSS: 5.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14712 – Gentoo Linux Security Advisory 202101-09
https://notcve.org/view.php?id=CVE-2020-14712
15 Jul 2020 — Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized cr... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14713 – Gentoo Linux Security Advisory 202101-09
https://notcve.org/view.php?id=CVE-2020-14713
15 Jul 2020 — Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can ... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html •
CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14714 – Gentoo Linux Security Advisory 202101-09
https://notcve.org/view.php?id=CVE-2020-14714
15 Jul 2020 — Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM Vi... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html •
CVSS: 4.4EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14715 – Gentoo Linux Security Advisory 202101-09
https://notcve.org/view.php?id=CVE-2020-14715
15 Jul 2020 — Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM Vi... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html •
CVSS: 7.5EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14699 – Oracle VirtualBox e1000 Integer Underflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-14699
15 Jul 2020 — Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can ... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html • CWE-191: Integer Underflow (Wrap or Wraparound) •
CVSS: 5.3EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14700 – Oracle VirtualBox e1000 Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-14700
15 Jul 2020 — Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can ... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html • CWE-125: Out-of-bounds Read •
CVSS: 6.0EPSS: 0%CPEs: 5EXPL: 0CVE-2020-14703 – Oracle VirtualBox e1000 Unintialized Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-14703
15 Jul 2020 — Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can re... • http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html • CWE-908: Use of Uninitialized Resource •