Multiple vulnerabilities in Oracle VirtualBox

Описание

Multiple vulnerabilities were found in Oracle VirtualBox. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information, cause denial of service, bypass security restrictions.

Below is a complete list of vulnerabilities:

1. Code execution vulnerability in Core can be exploited to execute arbitrary code and obtain sensitive information.
2. Code execution vulnerability in Core can be exploited to execute arbitrary code and obtain sensitive information and cause denial of service.
3. Information disclosure vulnerability in Core can be exploited to obtain sensitive information.
4. Information disclosure vulnerability in curl can be exploited to obtain sensitive information.

Первичный источник обнаружения

• Oracle Critical Patch Update Advisory - April 2023
  

Эксплуатация

Public exploits exist for this vulnerability.

Связанные продукты

• Oracle-VirtualBox

Список CVE

• CVE-2022-42916
  critical
• CVE-2023-22001
  warning
• CVE-2023-21987
  critical
• CVE-2023-21999
  warning
• CVE-2023-22002
  high
• CVE-2023-21988
  warning
• CVE-2023-22000
  warning
• CVE-2023-21990
  critical
• CVE-2023-21989
  high
• CVE-2023-21998
  warning
• CVE-2023-21991
  warning

Смотрите также

Узнай статистику распространения уязвимостей в своем регионе statistics.securelist.com