CVSS: 2.1EPSS: 0%CPEs: 23EXPL: 0CVE-2009-3940
https://notcve.org/view.php?id=CVE-2009-3940
Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors. Vulnerabilidad no especificada en Guest Additions en Sun xVM VirtualBox v1.6.x y v2.0.x anteriores a v2.0.12, v2.1.x, y v2.2.x, y en Sun VirtualBox versiones anteriores a v3.0.10, permite a usuarios del sistema operativo huésped provocar una denegación de servicio (consumo de memoria) en el sistema operativo huésped mediante vectores desconocidos. • http://lists.opensuse.org/opensuse-security-announce/2010-02/msg00000.html http://secunia.com/advisories/38420 http://sunsolve.sun.com/search/document.do?assetkey=1-66-271149-1 •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0CVE-2009-3923
https://notcve.org/view.php?id=CVE-2009-3923
The VirtualBox 2.0.8 and 2.0.10 web service in Sun Virtual Desktop Infrastructure (VDI) 3.0 does not require authentication, which allows remote attackers to obtain unspecified access via vectors involving requests to an Apache HTTP Server. El servicio Web de VirtualBox v2.0.8 y v2.0.10 en Sun Virtual Desktop Infrastructure (VDI) v3.0 no requiere autenticación, lo que permite a atacantes remotos conseguir acceso no especificado a través de vectores que implican peticiones al servidor Apache HTTP Server. • http://sunsolve.sun.com/search/document.do?assetkey=1-21-141481-03-1 http://sunsolve.sun.com/search/document.do?assetkey=1-66-268328-1 http://www.securityfocus.com/bid/36917 https://exchange.xforce.ibmcloud.com/vulnerabilities/54136 • CWE-287: Improper Authentication •