CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 0CVE-2016-5613 – Gentoo Linux Security Advisory 201612-27
https://notcve.org/view.php?id=CVE-2016-5613
25 Oct 2016 — Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5608. Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en versiones anteriores a 5.0.28 y 5.1.x en versiones anteriores a 5.1.8 en Oracle Virtualization permite a usuarios locales afectar la disponibilidad a través de vectores relacionados con Core, una v... • http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html • CWE-284: Improper Access Control •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3597
https://notcve.org/view.php?id=CVE-2016-3597
21 Jul 2016 — Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.26 allows local users to affect availability via vectors related to Core. Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization VirtualBox en versiones anteriores a 5.0.26 permite a usuarios locales afectar la disponibilidad relacionada con Core. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 5.9EPSS: 0%CPEs: 1EXPL: 0CVE-2016-3612
https://notcve.org/view.php?id=CVE-2016-3612
21 Jul 2016 — Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core. Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization VirtualBox en versiones anteriores a 5.0.22 permite a atacantes remotos afectar la confidencialidad a través de vectores relacionados con Core. • http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html •
CVSS: 6.7EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0678
https://notcve.org/view.php?id=CVE-2016-0678
21 Apr 2016 — Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.18 allows local users to affect confidentiality, integrity, and availability via vectors related to Core. Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization VirtualBox en versiones anteriores a 5.0.18 permite a usuarios locales afectar a la confidencialidad, integridad y disponibilidad a través de vectores relacionados con Core. • http://lists.opensuse.org/opensuse-updates/2016-05/msg00130.html •
CVSS: 5.9EPSS: 18%CPEs: 38EXPL: 1CVE-2015-3197 – OpenSSL: SSLv2 doesn't block disabled ciphers
https://notcve.org/view.php?id=CVE-2015-3197
28 Jan 2016 — ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. ssl/s2_srvr.c en OpenSSL 1.0.1 en versiones anteriores a 1.0.1r y 1.0.2 en versiones anteriores a 1.0.2f no impide el uso de cifrados deshabilitados, lo que hace que sea más fácil para at... • https://github.com/Trinadh465/OpenSSL-1_0_1g_CVE-2015-3197 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-310: Cryptographic Issues •
CVSS: 7.5EPSS: 1%CPEs: 3EXPL: 0CVE-2016-0495 – Debian Security Advisory 3454-1
https://notcve.org/view.php?id=CVE-2016-0495
21 Jan 2016 — Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and 5.0.14 allows remote attackers to affect availability via unknown vectors related to Core. Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization VirtualBox en versiones anteriores a 4.3.36 y 5.0.14 permite a atacantes remotos afectar a la disponibilidad a través de vectores desconocidos relacionados con Core. Multiple vulnerabilities have been discover... • http://www.debian.org/security/2016/dsa-3454 •
CVSS: 4.7EPSS: 0%CPEs: 4EXPL: 0CVE-2016-0592 – Debian Security Advisory 3454-1
https://notcve.org/view.php?id=CVE-2016-0592
21 Jan 2016 — Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and before 5.0.14 allows local users to affect availability via unknown vectors related to Core. Vulnerabilidad no especificada en el componente Oracle VM VirtualBox en Oracle Virtualization VirtualBox en versiones anteriores a 4.3.36 y en versiones anteriores a 5.0.14 permite a usuarios locales afectar a la disponibilidad a través de vectores desconocidos relacionados con Core. Multiple vulnera... • http://www.debian.org/security/2016/dsa-3454 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2016-0602 – Oracle Java 6/7/8 / VirtualBox DLL Hijacking
https://notcve.org/view.php?id=CVE-2016-0602
21 Jan 2016 — Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.14 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Windows Installer. NOTE: the previous information is from the January 2016 CPU. Oracle has not commented on third-party claims that this is an untrusted search path issue that allows local users to gain privileges via a Trojan horse dll in the "application directory." Vulnerabilidad no especi... • http://seclists.org/fulldisclosure/2016/Feb/54 •
CVSS: 7.5EPSS: 7%CPEs: 65EXPL: 0CVE-2015-3196 – OpenSSL: Race condition handling PSK identify hint
https://notcve.org/view.php?id=CVE-2015-3196
03 Dec 2015 — ssl/s3_clnt.c in OpenSSL 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1p, and 1.0.2 before 1.0.2d, when used for a multi-threaded client, writes the PSK identity hint to an incorrect data structure, which allows remote servers to cause a denial of service (race condition and double free) via a crafted ServerKeyExchange message. ssl/s3_clnt.c en OpenSSL 1.0.0 en versiones anteriores a 1.0.0t, 1.0.1 en versiones anteriores a 1.0.1p y 1.0.2 en versiones anteriores a 1.0.2d, cuando es utilizado por un cliente multi hi... • http://fortiguard.com/advisory/openssl-advisory-december-2015 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 5.3EPSS: 2%CPEs: 56EXPL: 1CVE-2015-3195 – OpenSSL: X509_ATTRIBUTE memory leak
https://notcve.org/view.php?id=CVE-2015-3195
03 Dec 2015 — The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application. La implementación ASN1_TFLG_COMBINE en crypto/asn1/tasn_dec.c en OpenSSL en versiones anteriores a 0.9.8zh, 1.0.0 en versiones anteriores a 1.0.0t, 1.... • https://github.com/Trinadh465/OpenSSL-1_0_1g_CVE-2015-3195 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor CWE-401: Missing Release of Memory after Effective Lifetime •