Vulnerabilities > Oracle > VM Virtualbox > 5.2.36

DATE CVE VULNERABILITY TITLE RISK
2020-04-15 CVE-2020-2905 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse
8.2
8.2
2020-04-15 CVE-2020-2902 Out-of-bounds Write vulnerability in multiple products
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse CWE-787
8.8
8.8
2020-04-15 CVE-2020-2894 Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse
6.0
6.0
2020-04-15 CVE-2020-2758 Use After Free vulnerability in multiple products
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse CWE-416
8.2
8.2
2020-04-15 CVE-2020-2748 Out-of-bounds Read vulnerability in multiple products
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse CWE-125
3.2
3.2
2020-04-15 CVE-2020-2741 Out-of-bounds Read vulnerability in multiple products
Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core).
local
low complexity
oracle opensuse CWE-125
6.0
6.0
2019-11-08 CVE-2019-10219 A vulnerability was found in Hibernate-Validator.
network
low complexity
redhat netapp oracle
6.1
6.1
2019-04-26 CVE-2019-2725 Injection vulnerability in Oracle products
Vulnerability in the Oracle WebLogic Server component of Oracle Fusion Middleware (subcomponent: Web Services).
network
low complexity
oracle CWE-74
critical
 9.8
9.8
2018-11-15 CVE-2018-5407 Information Exposure Through Discrepancy vulnerability in multiple products
Simultaneous Multi-threading (SMT) in processors can enable local users to exploit software vulnerable to timing attacks via a side-channel timing attack on 'port contention'. 		4.7
4.7
2018-10-29 CVE-2018-0735 Use of a Broken or Risky Cryptographic Algorithm vulnerability in multiple products
The OpenSSL ECDSA signature algorithm has been shown to be vulnerable to a timing side channel attack.
network
high complexity
openssl canonical debian nodejs netapp oracle CWE-327
5.9
5.9