VulnerableCode Package Details - pkg:deb/debian/virtualbox@5.2.20-dfsg-1?distro=sid

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/virtualbox@5.2.20-dfsg-1?distro=sid

Essentials
History (39)

purl	pkg:deb/debian/virtualbox@5.2.20-dfsg-1?distro=sid

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (13)

Vulnerability	Summary	Aliases
VCID-1133-ysak-37aq	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-2909
VCID-1g1c-khsq-vqfr	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-3292
VCID-29n7-4eyc-y3bk	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-3297
VCID-5b3f-5cbq-jycs	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-3296
VCID-85jv-3ssg-dkc1	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-3291
VCID-8vpe-4asg-bqaa	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-3295
VCID-akcu-srak-rqcy	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows low privileged attacker with network access via VRDP to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 9.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-3294
VCID-fhuf-7749-u7dd	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-3290
VCID-pz6x-vubk-5kaq	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-3288
VCID-tfs5-nd8b-g3g5	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-3289
VCID-vgkt-g8k1-4uct	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-3287
VCID-wqgx-swqt-gfcz	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-3298
VCID-wqqw-mv61-p7ff	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). The supported version that is affected is Prior to 5.2.20. Easily exploitable vulnerability allows unauthenticated attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H).	CVE-2018-3293

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:03:27.740314+00:00	Debian Importer	Fixing	VCID-fhuf-7749-u7dd	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:22:17.079185+00:00	Debian Importer	Fixing	VCID-5b3f-5cbq-jycs	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:06:06.604202+00:00	Debian Importer	Fixing	VCID-wqqw-mv61-p7ff	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:37:13.719577+00:00	Debian Importer	Fixing	VCID-wqgx-swqt-gfcz	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:13:35.870882+00:00	Debian Importer	Fixing	VCID-1133-ysak-37aq	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:09:14.067256+00:00	Debian Importer	Fixing	VCID-85jv-3ssg-dkc1	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:56:35.655198+00:00	Debian Importer	Fixing	VCID-8vpe-4asg-bqaa	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:49:08.490009+00:00	Debian Importer	Fixing	VCID-tfs5-nd8b-g3g5	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:37:37.120378+00:00	Debian Importer	Fixing	VCID-vgkt-g8k1-4uct	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:30:52.600750+00:00	Debian Importer	Fixing	VCID-1g1c-khsq-vqfr	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:48:41.035996+00:00	Debian Importer	Fixing	VCID-29n7-4eyc-y3bk	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:47:58.823806+00:00	Debian Importer	Fixing	VCID-pz6x-vubk-5kaq	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:47:06.047034+00:00	Debian Importer	Fixing	VCID-akcu-srak-rqcy	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:14:19.032758+00:00	Debian Importer	Fixing	VCID-fhuf-7749-u7dd	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:44:35.078660+00:00	Debian Importer	Fixing	VCID-5b3f-5cbq-jycs	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:32:25.414704+00:00	Debian Importer	Fixing	VCID-wqqw-mv61-p7ff	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:10:40.690505+00:00	Debian Importer	Fixing	VCID-wqgx-swqt-gfcz	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:52:33.319717+00:00	Debian Importer	Fixing	VCID-1133-ysak-37aq	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:49:16.452901+00:00	Debian Importer	Fixing	VCID-85jv-3ssg-dkc1	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:39:30.258722+00:00	Debian Importer	Fixing	VCID-8vpe-4asg-bqaa	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:33:39.721608+00:00	Debian Importer	Fixing	VCID-tfs5-nd8b-g3g5	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:24:30.404327+00:00	Debian Importer	Fixing	VCID-vgkt-g8k1-4uct	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:20:44.892192+00:00	Debian Importer	Fixing	VCID-1g1c-khsq-vqfr	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:55:13.338295+00:00	Debian Importer	Fixing	VCID-29n7-4eyc-y3bk	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:54:43.972974+00:00	Debian Importer	Fixing	VCID-pz6x-vubk-5kaq	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:54:03.547295+00:00	Debian Importer	Fixing	VCID-akcu-srak-rqcy	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:56:10.491499+00:00	Debian Importer	Fixing	VCID-wqgx-swqt-gfcz	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:10.471491+00:00	Debian Importer	Fixing	VCID-29n7-4eyc-y3bk	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:10.451458+00:00	Debian Importer	Fixing	VCID-5b3f-5cbq-jycs	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:10.431524+00:00	Debian Importer	Fixing	VCID-8vpe-4asg-bqaa	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:10.411644+00:00	Debian Importer	Fixing	VCID-akcu-srak-rqcy	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:10.391229+00:00	Debian Importer	Fixing	VCID-wqqw-mv61-p7ff	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:10.370986+00:00	Debian Importer	Fixing	VCID-1g1c-khsq-vqfr	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:10.350789+00:00	Debian Importer	Fixing	VCID-85jv-3ssg-dkc1	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:10.330735+00:00	Debian Importer	Fixing	VCID-fhuf-7749-u7dd	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:10.310586+00:00	Debian Importer	Fixing	VCID-tfs5-nd8b-g3g5	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:10.290353+00:00	Debian Importer	Fixing	VCID-pz6x-vubk-5kaq	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:10.270233+00:00	Debian Importer	Fixing	VCID-vgkt-g8k1-4uct	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:10.066475+00:00	Debian Importer	Fixing	VCID-1133-ysak-37aq	https://security-tracker.debian.org/tracker/data/json	38.1.0