Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Sun Subscribe
Filtered by product Xvm Virtualbox
Total 3 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2008-3431 1 Sun 1 Xvm Virtualbox 2018-10-11 7.2 HIGH N/A
The VBoxDrvNtDeviceControl function in VBoxDrv.sys in Sun xVM VirtualBox before 1.6.4 uses the METHOD_NEITHER communication method for IOCTLs and does not properly validate a buffer associated with the Irp object, which allows local users to gain privileges by opening the \\.\VBoxDrv device and calling DeviceIoControl to send a crafted kernel address.
CVE-2009-0876 2 Linux, Sun 2 Linux Kernel, Xvm Virtualbox 2017-08-16 6.9 MEDIUM N/A
Sun xVM VirtualBox 2.0.0, 2.0.2, 2.0.4, 2.0.6r39760, 2.1.0, 2.1.2, and 2.1.4r42893 on Linux allows local users to gain privileges via a hardlink attack, which preserves setuid/setgid bits on Linux, related to DT_RPATH:$ORIGIN.
CVE-2009-3940 1 Sun 2 Virtualbox, Xvm Virtualbox 2010-03-03 2.1 LOW N/A
Unspecified vulnerability in Guest Additions in Sun xVM VirtualBox 1.6.x and 2.0.x before 2.0.12, 2.1.x, and 2.2.x, and Sun VirtualBox before 3.0.10, allows guest OS users to cause a denial of service (memory consumption) on the guest OS via unknown vectors.