Django REST framework

Lookup for vulnerable packages by Package URL.

Purl pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid

Type deb

Namespace debian

Name virtualbox

Version 7.0.16-dfsg-1

Qualifiers

distro	sid

Subpath

Is_vulnerable false

Next_non_vulnerable_version 7.0.20-dfsg-1

Latest_non_vulnerable_version 7.2.6-dfsg-4

Affected_by_vulnerabilities

Fixing_vulnerabilities

url VCID-2dqk-t9gt-kqhu

vulnerability_id VCID-2dqk-t9gt-kqhu

summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21112

reference_id

reference_type

scores

value	0.0014
scoring_system	epss
scoring_elements	0.34198
published_at	2026-04-21T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34246
published_at	2026-04-16T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34233
published_at	2026-04-18T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34309
published_at	2026-04-02T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34338
published_at	2026-04-04T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34202
published_at	2026-04-07T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34245
published_at	2026-04-08T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34275
published_at	2026-04-11T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34235
published_at	2026-04-12T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34211
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21112

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T04:01:11Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21112

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2dqk-t9gt-kqhu

url VCID-2qtf-4bmt-5uev

vulnerability_id VCID-2qtf-4bmt-5uev

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21114

reference_id

reference_type

scores

value	0.0014
scoring_system	epss
scoring_elements	0.34198
published_at	2026-04-21T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34246
published_at	2026-04-16T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34233
published_at	2026-04-18T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34309
published_at	2026-04-02T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34338
published_at	2026-04-04T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34202
published_at	2026-04-07T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34245
published_at	2026-04-08T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34275
published_at	2026-04-11T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34235
published_at	2026-04-12T12:55:00Z

value	0.0014
scoring_system	epss
scoring_elements	0.34211
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21114

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T04:01:13Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21114

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2qtf-4bmt-5uev

url VCID-2uba-3jre-9kaw

vulnerability_id VCID-2uba-3jre-9kaw

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21115

reference_id

reference_type

scores

value	0.00263
scoring_system	epss
scoring_elements	0.49685
published_at	2026-04-21T12:55:00Z

value	0.00263
scoring_system	epss
scoring_elements	0.49716
published_at	2026-04-16T12:55:00Z

value	0.00263
scoring_system	epss
scoring_elements	0.49714
published_at	2026-04-18T12:55:00Z

value	0.00263
scoring_system	epss
scoring_elements	0.49649
published_at	2026-04-02T12:55:00Z

value	0.00263
scoring_system	epss
scoring_elements	0.49676
published_at	2026-04-04T12:55:00Z

value	0.00263
scoring_system	epss
scoring_elements	0.49628
published_at	2026-04-07T12:55:00Z

value	0.00263
scoring_system	epss
scoring_elements	0.49683
published_at	2026-04-08T12:55:00Z

value	0.00263
scoring_system	epss
scoring_elements	0.49678
published_at	2026-04-09T12:55:00Z

value	0.00263
scoring_system	epss
scoring_elements	0.49695
published_at	2026-04-11T12:55:00Z

value	0.00263
scoring_system	epss
scoring_elements	0.49667
published_at	2026-04-12T12:55:00Z

value	0.00263
scoring_system	epss
scoring_elements	0.49668
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21115

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T04:01:13Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21115

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2uba-3jre-9kaw

url VCID-3q4q-e9xc-pqgp

vulnerability_id VCID-3q4q-e9xc-pqgp

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21113

reference_id

reference_type

scores

value	0.00128
scoring_system	epss
scoring_elements	0.32157
published_at	2026-04-21T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32207
published_at	2026-04-16T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32186
published_at	2026-04-18T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32302
published_at	2026-04-02T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.3234
published_at	2026-04-04T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32165
published_at	2026-04-07T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32214
published_at	2026-04-08T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32241
published_at	2026-04-09T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32242
published_at	2026-04-11T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32204
published_at	2026-04-12T12:55:00Z

value	0.00128
scoring_system	epss
scoring_elements	0.32172
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21113

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	8.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T04:01:12Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21113

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3q4q-e9xc-pqgp

url VCID-5b91-2rka-2bd2

vulnerability_id VCID-5b91-2rka-2bd2

summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21121

reference_id

reference_type

scores

value	0.00156
scoring_system	epss
scoring_elements	0.36366
published_at	2026-04-21T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36439
published_at	2026-04-16T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36423
published_at	2026-04-18T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36504
published_at	2026-04-02T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36538
published_at	2026-04-04T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36376
published_at	2026-04-07T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36427
published_at	2026-04-08T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36447
published_at	2026-04-09T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36455
published_at	2026-04-11T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.3642
published_at	2026-04-12T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36398
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21121

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-06-26T03:55:33Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21121

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5b91-2rka-2bd2

url VCID-94ka-m2fz-hqak

vulnerability_id VCID-94ka-m2fz-hqak

summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21109

reference_id

reference_type

scores

value	0.00392
scoring_system	epss
scoring_elements	0.60237
published_at	2026-04-21T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60242
published_at	2026-04-16T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.6025
published_at	2026-04-18T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60155
published_at	2026-04-02T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60179
published_at	2026-04-04T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60149
published_at	2026-04-07T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60199
published_at	2026-04-08T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60212
published_at	2026-04-09T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60234
published_at	2026-04-11T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.6022
published_at	2026-04-12T12:55:00Z

value	0.00392
scoring_system	epss
scoring_elements	0.60203
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21109

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	5.9
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-07-15T20:04:38Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21109

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-94ka-m2fz-hqak

url VCID-dud3-fxh1-jybc

vulnerability_id VCID-dud3-fxh1-jybc

summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21103

reference_id

reference_type

scores

value	0.002
scoring_system	epss
scoring_elements	0.42019
published_at	2026-04-21T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42065
published_at	2026-04-13T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42116
published_at	2026-04-16T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42076
published_at	2026-04-02T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42104
published_at	2026-04-04T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42041
published_at	2026-04-07T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42093
published_at	2026-04-08T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42105
published_at	2026-04-09T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42127
published_at	2026-04-11T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.4209
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21103

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T04:01:14Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21103

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-dud3-fxh1-jybc

url VCID-qekt-d11a-ryf5

vulnerability_id VCID-qekt-d11a-ryf5

summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21107

reference_id

reference_type

scores

value	0.00137
scoring_system	epss
scoring_elements	0.33401
published_at	2026-04-21T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33457
published_at	2026-04-16T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33432
published_at	2026-04-18T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33532
published_at	2026-04-02T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33565
published_at	2026-04-04T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33405
published_at	2026-04-07T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33449
published_at	2026-04-08T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33483
published_at	2026-04-09T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33486
published_at	2026-04-11T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33445
published_at	2026-04-12T12:55:00Z

value	0.00137
scoring_system	epss
scoring_elements	0.33421
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21107

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	6.7
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T04:01:17Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21107

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qekt-d11a-ryf5

url VCID-qksu-f137-m7ge

vulnerability_id VCID-qksu-f137-m7ge

summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21110

reference_id

reference_type

scores

value	0.00181
scoring_system	epss
scoring_elements	0.39751
published_at	2026-04-21T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.3986
published_at	2026-04-16T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39832
published_at	2026-04-18T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39838
published_at	2026-04-08T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39862
published_at	2026-04-04T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39783
published_at	2026-04-07T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39851
published_at	2026-04-09T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39861
published_at	2026-04-11T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39827
published_at	2026-04-12T12:55:00Z

value	0.00181
scoring_system	epss
scoring_elements	0.39811
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21110

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	7.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T04:01:16Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21110

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qksu-f137-m7ge

url VCID-sjnq-f8tq-d3d4

vulnerability_id VCID-sjnq-f8tq-d3d4

summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21106

reference_id

reference_type

scores

value	0.00156
scoring_system	epss
scoring_elements	0.36291
published_at	2026-04-21T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36362
published_at	2026-04-16T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36346
published_at	2026-04-18T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36434
published_at	2026-04-02T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36467
published_at	2026-04-04T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36302
published_at	2026-04-07T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.3635
published_at	2026-04-08T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36371
published_at	2026-04-09T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36378
published_at	2026-04-11T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.36342
published_at	2026-04-12T12:55:00Z

value	0.00156
scoring_system	epss
scoring_elements	0.3632
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21106

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	6.5
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-05-30T15:32:20Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21106

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sjnq-f8tq-d3d4

url VCID-sqcp-u9uz-eugn

vulnerability_id VCID-sqcp-u9uz-eugn

summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21108

reference_id

reference_type

scores

value	0.00153
scoring_system	epss
scoring_elements	0.35991
published_at	2026-04-21T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36056
published_at	2026-04-16T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36042
published_at	2026-04-18T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36142
published_at	2026-04-02T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36172
published_at	2026-04-04T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36008
published_at	2026-04-07T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36057
published_at	2026-04-08T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36075
published_at	2026-04-09T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36082
published_at	2026-04-11T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36043
published_at	2026-04-12T12:55:00Z

value	0.00153
scoring_system	epss
scoring_elements	0.36017
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21108

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	3.3
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-06-13T20:13:49Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21108

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sqcp-u9uz-eugn

url VCID-swkf-186u-1kgz

vulnerability_id VCID-swkf-186u-1kgz

summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21116

reference_id

reference_type

scores

value	0.002
scoring_system	epss
scoring_elements	0.42019
published_at	2026-04-21T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42065
published_at	2026-04-13T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42116
published_at	2026-04-16T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42076
published_at	2026-04-02T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42104
published_at	2026-04-04T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42041
published_at	2026-04-07T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42093
published_at	2026-04-08T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42105
published_at	2026-04-09T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.42127
published_at	2026-04-11T12:55:00Z

value	0.002
scoring_system	epss
scoring_elements	0.4209
published_at	2026-04-18T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21116

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track
scoring_system	ssvc
scoring_elements	SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-04-19T04:01:16Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21116

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-swkf-186u-1kgz

url VCID-ya37-anz7-jbea

vulnerability_id VCID-ya37-anz7-jbea

summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).

references

reference_url

https://api.first.org/data/v1/epss?cve=CVE-2024-21111

reference_id

reference_type

scores

value	0.09561
scoring_system	epss
scoring_elements	0.92876
published_at	2026-04-21T12:55:00Z

value	0.09561
scoring_system	epss
scoring_elements	0.9287
published_at	2026-04-16T12:55:00Z

value	0.09561
scoring_system	epss
scoring_elements	0.92871
published_at	2026-04-18T12:55:00Z

value	0.09561
scoring_system	epss
scoring_elements	0.92841
published_at	2026-04-02T12:55:00Z

value	0.09561
scoring_system	epss
scoring_elements	0.92845
published_at	2026-04-04T12:55:00Z

value	0.09561
scoring_system	epss
scoring_elements	0.92843
published_at	2026-04-07T12:55:00Z

value	0.09561
scoring_system	epss
scoring_elements	0.92852
published_at	2026-04-08T12:55:00Z

value	0.09561
scoring_system	epss
scoring_elements	0.92855
published_at	2026-04-09T12:55:00Z

value	0.09561
scoring_system	epss
scoring_elements	0.9286
published_at	2026-04-13T12:55:00Z

url

https://api.first.org/data/v1/epss?cve=CVE-2024-21111

reference_url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_id	cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*
reference_type
scores
url	https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:::::::*

reference_url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_id

cpuapr2024.html

reference_type

scores

value	7.8
scoring_system	cvssv3.1
scoring_elements	CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

value	Track*
scoring_system	ssvc
scoring_elements	SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-30T04:00:07Z/

url

https://www.oracle.com/security-alerts/cpuapr2024.html

reference_url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/52287.C++
reference_id	CVE-2024-21111
reference_type	exploit
scores
url	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/52287.C++

fixed_packages

url	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid

url	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl	pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable	`false`
affected_by_vulnerabilities
resource_url	http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid

aliases CVE-2024-21111

risk_score null

exploitability null

weighted_severity null

resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ya37-anz7-jbea

Risk_score null

Resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid

Package Instance