CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-2723 – Oracle VirtualBox e1000 Race Condition Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-2723
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.zerodayinitiative.com/advisories/ZDI-19-423 https://www.zerodayinitiative.com/advisories/ZDI-19-424 • CWE-190: Integer Overflow or Wraparound •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-2722 – Oracle VirtualBox e1000 Integer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2019-2722
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html https://www.zerodayinitiative.com/advisories/ZDI-19-425 •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 1CVE-2019-2721 – VirtualBox 6.0.4 r128413 - COM RPC Interface Code Injection Host Privilege Escalation
https://notcve.org/view.php?id=CVE-2019-2721
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. • https://www.exploit-db.com/exploits/46747 http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-2703
https://notcve.org/view.php?id=CVE-2019-2703
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2019-2696
https://notcve.org/view.php?id=CVE-2019-2696
Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. • http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html •