Package Instance
Lookup for vulnerable packages by Package URL.
GET /api/packages/272780?format=api
{ "url": "http://public2.vulnerablecode.io/api/packages/272780?format=api", "purl": "pkg:deb/debian/virtualbox@4.3.18-dfsg-3", "type": "deb", "namespace": "debian", "name": "virtualbox", "version": "4.3.18-dfsg-3", "qualifiers": {}, "subpath": "", "is_vulnerable": true, "next_non_vulnerable_version": "4.3.36-dfsg-1+deb8u1", "latest_non_vulnerable_version": "4.3.36-dfsg-1+deb8u1", "affected_by_vulnerabilities": [ { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/103669?format=api", "vulnerability_id": "VCID-48pn-dnr1-tue7", "summary": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and before 5.0.14 allows local users to affect availability via unknown vectors related to Core.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0592", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25643", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00091", "scoring_system": "epss", "scoring_elements": "0.25744", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0592" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0495", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0495" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0592", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0592" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/272782?format=api", "purl": "pkg:deb/debian/virtualbox@4.3.36-dfsg-1%2Bdeb8u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@4.3.36-dfsg-1%252Bdeb8u1" } ], "aliases": [ "CVE-2016-0592" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-48pn-dnr1-tue7" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/103665?format=api", "vulnerability_id": "VCID-6j9c-zxde-9fdu", "summary": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when using a Windows guest, allows local users to affect availability via unknown vectors related to Core.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4813", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17675", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00056", "scoring_system": "epss", "scoring_elements": "0.17753", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4896", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4896" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/272781?format=api", "purl": "pkg:deb/debian/virtualbox@4.3.36-dfsg-1%2Bdeb8u1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48pn-dnr1-tue7" }, { "vulnerability": "VCID-dd8y-kd49-dych" }, { "vulnerability": "VCID-kcpk-8c1z-8bek" }, { "vulnerability": "VCID-zhqk-mhmj-rud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@4.3.36-dfsg-1%252Bdeb8u1~bpo70%252B1" } ], "aliases": [ "CVE-2015-4813" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-6j9c-zxde-9fdu" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78884?format=api", "vulnerability_id": "VCID-dd8y-kd49-dych", "summary": "The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #DB (aka Debug) exceptions, related to svm.c.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8104.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-8104.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8104", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55901", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00327", "scoring_system": "epss", "scoring_elements": "0.55957", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-8104" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7446", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-7446" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3259", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3259" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7799", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7799" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7814" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7971", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7971" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7972", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7972" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0495", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0495" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0592", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0592" }, { "reference_url": "http://www.securitytracker.com/id/1034105", "reference_id": "1034105", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.securitytracker.com/id/1034105" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278496", "reference_id": "1278496", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1278496" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html", "reference_id": "172187.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172187.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html", "reference_id": "172300.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172300.html" }, { "reference_url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html", "reference_id": "172435.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/172435.html" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2023/10/10/4", "reference_id": "4", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2023/10/10/4" }, { "reference_url": "http://www.openwall.com/lists/oss-security/2015/11/10/5", "reference_id": "5", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.openwall.com/lists/oss-security/2015/11/10/5" }, { "reference_url": "http://www.securityfocus.com/bid/77524", "reference_id": "77524", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.securityfocus.com/bid/77524" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823620", "reference_id": "823620", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823620" }, { "reference_url": "http://www.securityfocus.com/bid/91787", "reference_id": "91787", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.securityfocus.com/bid/91787" }, { "reference_url": "http://xenbits.xen.org/xsa/advisory-156.html", "reference_id": "advisory-156.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://xenbits.xen.org/xsa/advisory-156.html" }, { "reference_url": "https://github.com/torvalds/linux/commit/cbdb967af3d54993f5814f1cee0ed311a055377d", "reference_id": "cbdb967af3d54993f5814f1cee0ed311a055377d", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "https://github.com/torvalds/linux/commit/cbdb967af3d54993f5814f1cee0ed311a055377d" }, { "reference_url": "http://support.citrix.com/article/CTX202583", "reference_id": "CTX202583", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://support.citrix.com/article/CTX202583" }, { "reference_url": "http://support.citrix.com/article/CTX203879", "reference_id": "CTX203879", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://support.citrix.com/article/CTX203879" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3414", "reference_id": "dsa-3414", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3414" }, { "reference_url": "http://www.debian.org/security/2015/dsa-3426", "reference_id": "dsa-3426", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.debian.org/security/2015/dsa-3426" }, { "reference_url": "http://www.debian.org/security/2016/dsa-3454", "reference_id": "dsa-3454", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.debian.org/security/2016/dsa-3454" }, { "reference_url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d", "reference_id": "?id=cbdb967af3d54993f5814f1cee0ed311a055377d", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=cbdb967af3d54993f5814f1cee0ed311a055377d" }, { "reference_url": "https://kb.juniper.net/JSA10783", "reference_id": "JSA10783", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "https://kb.juniper.net/JSA10783" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html", "reference_id": "linuxbulletinjan2016-2867209.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinjan2016-2867209.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html", "reference_id": "msg00005.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00005.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html", "reference_id": "msg00013.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00013.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html", "reference_id": "msg00015.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00015.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html", "reference_id": "msg00026.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00026.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html", "reference_id": "msg00031.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00031.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html", "reference_id": "msg00035.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-11/msg00035.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html", "reference_id": "msg00038.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00038.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html", "reference_id": "msg00039.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00039.html" }, { "reference_url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html", "reference_id": "msg00053.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://lists.opensuse.org/opensuse-updates/2015-12/msg00053.html" }, { "reference_url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html", "reference_id": "ovmbulletinjul2016-3090546.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.oracle.com/technetwork/topics/security/ovmbulletinjul2016-3090546.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2552", "reference_id": "RHSA-2015:2552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2636", "reference_id": "RHSA-2015:2636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2636" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2636.html", "reference_id": "RHSA-2015-2636.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2636.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2645", "reference_id": "RHSA-2015:2645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2645" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2015-2645.html", "reference_id": "RHSA-2015-2645.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2015-2645.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0004", "reference_id": "RHSA-2016:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0024", "reference_id": "RHSA-2016:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0046", "reference_id": "RHSA-2016:0046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0046" }, { "reference_url": "http://rhn.redhat.com/errata/RHSA-2016-0046.html", "reference_id": "RHSA-2016-0046.html", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0046.html" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0103", "reference_id": "RHSA-2016:0103", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0103" }, { "reference_url": "https://usn.ubuntu.com/2840-1/", "reference_id": "USN-2840-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2840-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2840-1", "reference_id": "USN-2840-1", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2840-1" }, { "reference_url": "https://usn.ubuntu.com/2841-1/", "reference_id": "USN-2841-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2841-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2841-1", "reference_id": "USN-2841-1", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2841-1" }, { "reference_url": "https://usn.ubuntu.com/2841-2/", "reference_id": "USN-2841-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2841-2/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2841-2", "reference_id": "USN-2841-2", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2841-2" }, { "reference_url": "https://usn.ubuntu.com/2842-1/", "reference_id": "USN-2842-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2842-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2842-1", "reference_id": "USN-2842-1", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2842-1" }, { "reference_url": "https://usn.ubuntu.com/2842-2/", "reference_id": "USN-2842-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2842-2/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2842-2", "reference_id": "USN-2842-2", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2842-2" }, { "reference_url": "https://usn.ubuntu.com/2843-1/", "reference_id": "USN-2843-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2843-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2843-1", "reference_id": "USN-2843-1", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2843-1" }, { "reference_url": "https://usn.ubuntu.com/2843-2/", "reference_id": "USN-2843-2", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2843-2/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2843-2", "reference_id": "USN-2843-2", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2843-2" }, { "reference_url": "https://usn.ubuntu.com/2844-1/", "reference_id": "USN-2844-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2844-1/" }, { "reference_url": "http://www.ubuntu.com/usn/USN-2844-1", "reference_id": "USN-2844-1", "reference_type": "", "scores": [ { "value": "10", "scoring_system": "cvssv3.1", "scoring_elements": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H" }, { "value": "Track", "scoring_system": "ssvc", "scoring_elements": "SSVCv2/E:N/A:Y/T:T/P:M/B:A/M:M/D:T/2025-04-23T13:47:48Z/" } ], "url": "http://www.ubuntu.com/usn/USN-2844-1" }, { "reference_url": "https://xenbits.xen.org/xsa/advisory-156.html", "reference_id": "XSA-156", "reference_type": "", "scores": [], "url": "https://xenbits.xen.org/xsa/advisory-156.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/272782?format=api", "purl": "pkg:deb/debian/virtualbox@4.3.36-dfsg-1%2Bdeb8u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@4.3.36-dfsg-1%252Bdeb8u1" } ], "aliases": [ "CVE-2015-8104" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-dd8y-kd49-dych" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/103668?format=api", "vulnerability_id": "VCID-kcpk-8c1z-8bek", "summary": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.36 and 5.0.14 allows remote attackers to affect availability via unknown vectors related to Core.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0495", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.77343", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01001", "scoring_system": "epss", "scoring_elements": "0.77372", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2016-0495" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0495", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0495" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0592", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0592" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/272782?format=api", "purl": "pkg:deb/debian/virtualbox@4.3.36-dfsg-1%2Bdeb8u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@4.3.36-dfsg-1%252Bdeb8u1" } ], "aliases": [ "CVE-2016-0495" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kcpk-8c1z-8bek" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/99146?format=api", "vulnerability_id": "VCID-kn3g-4r4n-9fab", "summary": "The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3456.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-3456.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3456", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.19325", "scoring_system": "epss", "scoring_elements": "0.95492", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.19325", "scoring_system": "epss", "scoring_elements": "0.95499", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-3456" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9718", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9718" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1779", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1779" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2756", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2756" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3456" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218611", "reference_id": "1218611", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1218611" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785424", "reference_id": "785424", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=785424" }, { "reference_url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/37053.c", "reference_id": "CVE-2015-3456;OSVDB-122072", "reference_type": "exploit", "scores": [], "url": "https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/dos/37053.c" }, { "reference_url": "https://marc.info/?l=oss-security&m=143155206320935&w=2", "reference_id": "CVE-2015-3456;OSVDB-122072", "reference_type": "exploit", "scores": [], "url": "https://marc.info/?l=oss-security&m=143155206320935&w=2" }, { "reference_url": "https://security.gentoo.org/glsa/201602-01", "reference_id": "GLSA-201602-01", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201602-01" }, { "reference_url": "https://security.gentoo.org/glsa/201604-03", "reference_id": "GLSA-201604-03", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201604-03" }, { "reference_url": "https://security.gentoo.org/glsa/201612-27", "reference_id": "GLSA-201612-27", "reference_type": "", "scores": [], "url": "https://security.gentoo.org/glsa/201612-27" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0998", "reference_id": "RHSA-2015:0998", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0998" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:0999", "reference_id": "RHSA-2015:0999", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:0999" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1000", "reference_id": "RHSA-2015:1000", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1000" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1001", "reference_id": "RHSA-2015:1001", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1001" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1002", "reference_id": "RHSA-2015:1002", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1002" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1003", "reference_id": "RHSA-2015:1003", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1003" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1004", "reference_id": "RHSA-2015:1004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1011", "reference_id": "RHSA-2015:1011", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1011" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:1031", "reference_id": "RHSA-2015:1031", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:1031" }, { "reference_url": "https://usn.ubuntu.com/2608-1/", "reference_id": "USN-2608-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2608-1/" }, { "reference_url": "https://xenbits.xen.org/xsa/advisory-133.html", "reference_id": "XSA-133", "reference_type": "", "scores": [], "url": "https://xenbits.xen.org/xsa/advisory-133.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/272781?format=api", "purl": "pkg:deb/debian/virtualbox@4.3.36-dfsg-1%2Bdeb8u1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48pn-dnr1-tue7" }, { "vulnerability": "VCID-dd8y-kd49-dych" }, { "vulnerability": "VCID-kcpk-8c1z-8bek" }, { "vulnerability": "VCID-zhqk-mhmj-rud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@4.3.36-dfsg-1%252Bdeb8u1~bpo70%252B1" } ], "aliases": [ "CVE-2015-3456" ], "risk_score": 0.4, "exploitability": "2.0", "weighted_severity": "0.2", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-kn3g-4r4n-9fab" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/103667?format=api", "vulnerability_id": "VCID-mzer-q7ph-8kbj", "summary": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when a VM has the Remote Display feature (RDP) enabled, allows remote attackers to affect availability via unknown vectors related to Core.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4896", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.01499", "scoring_system": "epss", "scoring_elements": "0.81461", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.01499", "scoring_system": "epss", "scoring_elements": "0.81489", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-4896" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4896", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4896" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/272781?format=api", "purl": "pkg:deb/debian/virtualbox@4.3.36-dfsg-1%2Bdeb8u1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48pn-dnr1-tue7" }, { "vulnerability": "VCID-dd8y-kd49-dych" }, { "vulnerability": "VCID-kcpk-8c1z-8bek" }, { "vulnerability": "VCID-zhqk-mhmj-rud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@4.3.36-dfsg-1%252Bdeb8u1~bpo70%252B1" } ], "aliases": [ "CVE-2015-4896" ], "risk_score": null, "exploitability": null, "weighted_severity": null, "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-mzer-q7ph-8kbj" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/103664?format=api", "vulnerability_id": "VCID-z87u-21fj-tyf5", "summary": "Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.32, 4.1.40, 4.2.32, and 4.3.30 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Core.", "references": [ { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2594", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32484", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00134", "scoring_system": "epss", "scoring_elements": "0.32556", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-2594" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2594", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-2594" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792446", "reference_id": "792446", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792446" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/272781?format=api", "purl": "pkg:deb/debian/virtualbox@4.3.36-dfsg-1%2Bdeb8u1~bpo70%2B1", "is_vulnerable": true, "affected_by_vulnerabilities": [ { "vulnerability": "VCID-48pn-dnr1-tue7" }, { "vulnerability": "VCID-dd8y-kd49-dych" }, { "vulnerability": "VCID-kcpk-8c1z-8bek" }, { "vulnerability": "VCID-zhqk-mhmj-rud8" } ], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@4.3.36-dfsg-1%252Bdeb8u1~bpo70%252B1" } ], "aliases": [ "CVE-2015-2594" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-z87u-21fj-tyf5" }, { "url": "http://public2.vulnerablecode.io/api/vulnerabilities/78857?format=api", "vulnerability_id": "VCID-zhqk-mhmj-rud8", "summary": "The KVM subsystem in the Linux kernel through 4.2.6, and Xen 4.3.x through 4.6.x, allows guest OS users to cause a denial of service (host OS panic or hang) by triggering many #AC (aka Alignment Check) exceptions, related to svm.c and vmx.c.", "references": [ { "reference_url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5307.json", "reference_id": "", "reference_type": "", "scores": [], "url": "https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2015-5307.json" }, { "reference_url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5307", "reference_id": "", "reference_type": "", "scores": [ { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26431", "published_at": "2026-06-04T12:55:00Z" }, { "value": "0.00096", "scoring_system": "epss", "scoring_elements": "0.26534", "published_at": "2026-06-05T12:55:00Z" } ], "url": "https://api.first.org/data/v1/epss?cve=CVE-2015-5307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3259", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3259" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3340", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3340" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5307", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5307" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6654", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6654" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7311", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7311" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7812", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7812" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7813", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7813" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7814", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7814" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7833", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7833" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7872", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7872" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7969", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7969" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7970", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7970" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7971", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7971" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7972", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7972" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7990", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7990" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8104" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0495", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0495" }, { "reference_url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0592", "reference_id": "", "reference_type": "", "scores": [], "url": "https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0592" }, { "reference_url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml", "reference_id": "", "reference_type": "", "scores": [ { "value": "4.7", "scoring_system": "cvssv2", "scoring_elements": "AV:L/AC:M/Au:N/C:N/I:N/A:C" } ], "url": "https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml" }, { "reference_url": "https://bugzilla.redhat.com/show_bug.cgi?id=1277172", "reference_id": "1277172", "reference_type": "", "scores": [], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1277172" }, { "reference_url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823620", "reference_id": "823620", "reference_type": "", "scores": [], "url": "https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=823620" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2552", "reference_id": "RHSA-2015:2552", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2552" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2587", "reference_id": "RHSA-2015:2587", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2587" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2636", "reference_id": "RHSA-2015:2636", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2636" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2015:2645", "reference_id": "RHSA-2015:2645", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2015:2645" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0004", "reference_id": "RHSA-2016:0004", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0004" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0024", "reference_id": "RHSA-2016:0024", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0024" }, { "reference_url": "https://access.redhat.com/errata/RHSA-2016:0046", "reference_id": "RHSA-2016:0046", "reference_type": "", "scores": [], "url": "https://access.redhat.com/errata/RHSA-2016:0046" }, { "reference_url": "https://usn.ubuntu.com/2800-1/", "reference_id": "USN-2800-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2800-1/" }, { "reference_url": "https://usn.ubuntu.com/2801-1/", "reference_id": "USN-2801-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2801-1/" }, { "reference_url": "https://usn.ubuntu.com/2802-1/", "reference_id": "USN-2802-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2802-1/" }, { "reference_url": "https://usn.ubuntu.com/2803-1/", "reference_id": "USN-2803-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2803-1/" }, { "reference_url": "https://usn.ubuntu.com/2804-1/", "reference_id": "USN-2804-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2804-1/" }, { "reference_url": "https://usn.ubuntu.com/2805-1/", "reference_id": "USN-2805-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2805-1/" }, { "reference_url": "https://usn.ubuntu.com/2806-1/", "reference_id": "USN-2806-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2806-1/" }, { "reference_url": "https://usn.ubuntu.com/2807-1/", "reference_id": "USN-2807-1", "reference_type": "", "scores": [], "url": "https://usn.ubuntu.com/2807-1/" }, { "reference_url": "https://xenbits.xen.org/xsa/advisory-156.html", "reference_id": "XSA-156", "reference_type": "", "scores": [], "url": "https://xenbits.xen.org/xsa/advisory-156.html" } ], "fixed_packages": [ { "url": "http://public2.vulnerablecode.io/api/packages/272782?format=api", "purl": "pkg:deb/debian/virtualbox@4.3.36-dfsg-1%2Bdeb8u1", "is_vulnerable": false, "affected_by_vulnerabilities": [], "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@4.3.36-dfsg-1%252Bdeb8u1" } ], "aliases": [ "CVE-2015-5307" ], "risk_score": null, "exploitability": "0.5", "weighted_severity": "0.0", "resource_url": "http://public2.vulnerablecode.io/vulnerabilities/VCID-zhqk-mhmj-rud8" } ], "fixing_vulnerabilities": [], "risk_score": null, "resource_url": "http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@4.3.18-dfsg-3" }