VulnerableCode Package Details - pkg:deb/debian/virtualbox@6.0.6-dfsg-1?distro=sid

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/virtualbox@6.0.6-dfsg-1?distro=sid

Essentials
History (36)

purl	pkg:deb/debian/virtualbox@6.0.6-dfsg-1?distro=sid

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (12)

Vulnerability	Summary	Aliases
VCID-42aj-vkah-muff	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2019-2703
VCID-4nyc-f22h-4fbh	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2019-2680
VCID-5x3d-8v24-73hg	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2019-2690
VCID-6g9h-qjtq-83bv	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2019-2723
VCID-c5gc-zj9e-x7hs	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).	CVE-2019-2678
VCID-j15t-knfd-tfd1	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2019-2696
VCID-ngxv-3a1q-6bf3	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 7.3 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:H).	CVE-2019-2679
VCID-srpe-czby-jue9	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2019-2721
VCID-sxh8-hd5p-7bfq	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2019-2722
VCID-wwca-1xwz-c7e5	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2019-2656
VCID-x5x9-w5gw-1qh3	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).	CVE-2019-2657
VCID-yayq-xa1q-9kb9	Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.28 and prior to 6.0.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).	CVE-2019-2574

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:03:00.589867+00:00	Debian Importer	Fixing	VCID-42aj-vkah-muff	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:56:24.394421+00:00	Debian Importer	Fixing	VCID-sxh8-hd5p-7bfq	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:49:12.050441+00:00	Debian Importer	Fixing	VCID-x5x9-w5gw-1qh3	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:01:40.030133+00:00	Debian Importer	Fixing	VCID-wwca-1xwz-c7e5	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:26:43.371587+00:00	Debian Importer	Fixing	VCID-c5gc-zj9e-x7hs	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:05:41.206123+00:00	Debian Importer	Fixing	VCID-ngxv-3a1q-6bf3	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:57:07.347134+00:00	Debian Importer	Fixing	VCID-5x3d-8v24-73hg	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:49:19.394821+00:00	Debian Importer	Fixing	VCID-srpe-czby-jue9	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:40:27.202556+00:00	Debian Importer	Fixing	VCID-j15t-knfd-tfd1	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:27:15.622453+00:00	Debian Importer	Fixing	VCID-6g9h-qjtq-83bv	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:21:18.325145+00:00	Debian Importer	Fixing	VCID-4nyc-f22h-4fbh	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:04:51.533172+00:00	Debian Importer	Fixing	VCID-yayq-xa1q-9kb9	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:13:57.645956+00:00	Debian Importer	Fixing	VCID-42aj-vkah-muff	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:08:59.319386+00:00	Debian Importer	Fixing	VCID-sxh8-hd5p-7bfq	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:03:54.267380+00:00	Debian Importer	Fixing	VCID-x5x9-w5gw-1qh3	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:29:10.027527+00:00	Debian Importer	Fixing	VCID-wwca-1xwz-c7e5	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:02:46.745670+00:00	Debian Importer	Fixing	VCID-c5gc-zj9e-x7hs	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:46:35.156473+00:00	Debian Importer	Fixing	VCID-ngxv-3a1q-6bf3	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:39:53.181289+00:00	Debian Importer	Fixing	VCID-5x3d-8v24-73hg	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:33:47.267923+00:00	Debian Importer	Fixing	VCID-srpe-czby-jue9	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:26:12.114257+00:00	Debian Importer	Fixing	VCID-j15t-knfd-tfd1	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:18:25.691145+00:00	Debian Importer	Fixing	VCID-6g9h-qjtq-83bv	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:14:56.983163+00:00	Debian Importer	Fixing	VCID-4nyc-f22h-4fbh	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:05:07.077719+00:00	Debian Importer	Fixing	VCID-yayq-xa1q-9kb9	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:56:11.289273+00:00	Debian Importer	Fixing	VCID-6g9h-qjtq-83bv	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:11.269148+00:00	Debian Importer	Fixing	VCID-sxh8-hd5p-7bfq	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:11.249021+00:00	Debian Importer	Fixing	VCID-srpe-czby-jue9	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:11.228811+00:00	Debian Importer	Fixing	VCID-42aj-vkah-muff	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:11.208081+00:00	Debian Importer	Fixing	VCID-j15t-knfd-tfd1	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:11.187402+00:00	Debian Importer	Fixing	VCID-5x3d-8v24-73hg	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:11.167213+00:00	Debian Importer	Fixing	VCID-4nyc-f22h-4fbh	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:11.147165+00:00	Debian Importer	Fixing	VCID-ngxv-3a1q-6bf3	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:11.126718+00:00	Debian Importer	Fixing	VCID-c5gc-zj9e-x7hs	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:11.106485+00:00	Debian Importer	Fixing	VCID-x5x9-w5gw-1qh3	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:11.086361+00:00	Debian Importer	Fixing	VCID-wwca-1xwz-c7e5	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:11.065834+00:00	Debian Importer	Fixing	VCID-yayq-xa1q-9kb9	https://security-tracker.debian.org/tracker/data/json	38.1.0