Vulnerabilities > Oracle > VM Virtualbox > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-07-21 | CVE-2016-3612 | Remote Security vulnerability in Oracle VM VirtualBox Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.22 allows remote attackers to affect confidentiality via vectors related to Core. network oracle | 4.3 |
| 2016-04-21 | CVE-2016-0678 | Local Security vulnerability in Oracle VM Virtualbox 5.0.18 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.18 allows local users to affect confidentiality, integrity, and availability via vectors related to Core. local oracle | 4.1 |
| 2016-02-15 | CVE-2015-3197 | Information Exposure vulnerability in multiple products ssl/s2_srvr.c in OpenSSL 1.0.1 before 1.0.1r and 1.0.2 before 1.0.2f does not prevent use of disabled ciphers, which makes it easier for man-in-the-middle attackers to defeat cryptographic protection mechanisms by performing computations on SSLv2 traffic, related to the get_client_master_key and get_client_hello functions. | 5.9 |
| 2016-01-21 | CVE-2016-0602 | Local Security vulnerability in Oracle Virtualization Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.14 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Windows Installer. | 6.2 |
| 2016-01-21 | CVE-2016-0495 | Remote Security vulnerability in Oracle Virtualization Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and 5.0.14 allows remote attackers to affect availability via unknown vectors related to Core. | 4.3 |
| 2015-12-06 | CVE-2015-3195 | Information Exposure vulnerability in multiple products The ASN1_TFLG_COMBINE implementation in crypto/asn1/tasn_dec.c in OpenSSL before 0.9.8zh, 1.0.0 before 1.0.0t, 1.0.1 before 1.0.1q, and 1.0.2 before 1.0.2e mishandles errors caused by malformed X509_ATTRIBUTE data, which allows remote attackers to obtain sensitive information from process memory by triggering a decoding failure in a PKCS#7 or CMS application. | 5.3 |
| 2015-10-21 | CVE-2015-4896 | Remote Security vulnerability in Oracle VM VirtualBox Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when a VM has the Remote Display feature (RDP) enabled, allows remote attackers to affect availability via unknown vectors related to Core. | 5.0 |
| 2015-10-21 | CVE-2015-4856 | Local Security vulnerability in Oracle VM VirtualBox Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.30, 4.1.38, 4.2.30, 4.3.26, and 5.0.0 allows local users to affect availability via unknown vectors related to Core. | 4.9 |
| 2015-07-16 | CVE-2015-2594 | Local Security vulnerability in Oracle VM VirtualBox Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.32, 4.1.40, 4.2.32, and 4.3.30 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core. | 6.6 |
| 2015-01-21 | CVE-2015-0377 | Local Security vulnerability in Oracle VM VirtualBox Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0418. | 4.4 |