VulnerableCode Package Details - pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid

Essentials
History (39)

purl	pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (13)

Vulnerability	Summary	Aliases
VCID-2dqk-t9gt-kqhu	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2024-21112
VCID-2qtf-4bmt-5uev	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2024-21114
VCID-2uba-3jre-9kaw	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2024-21115
VCID-3q4q-e9xc-pqgp	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2024-21113
VCID-5b91-2rka-2bd2	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).	CVE-2024-21121
VCID-94ka-m2fz-hqak	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Difficult to exploit vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).	CVE-2024-21109
VCID-dud3-fxh1-jybc	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).	CVE-2024-21103
VCID-qekt-d11a-ryf5	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 6.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).	CVE-2024-21107
VCID-qksu-f137-m7ge	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H).	CVE-2024-21110
VCID-sjnq-f8tq-d3d4	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).	CVE-2024-21106
VCID-sqcp-u9uz-eugn	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).	CVE-2024-21108
VCID-swkf-186u-1kgz	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Linux hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).	CVE-2024-21116
VCID-ya37-anz7-jbea	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).	CVE-2024-21111

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T13:15:50.923005+00:00	Debian Importer	Fixing	VCID-qksu-f137-m7ge	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:59:28.740280+00:00	Debian Importer	Fixing	VCID-3q4q-e9xc-pqgp	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:18:18.485996+00:00	Debian Importer	Fixing	VCID-dud3-fxh1-jybc	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:02:32.587636+00:00	Debian Importer	Fixing	VCID-94ka-m2fz-hqak	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:54:44.147116+00:00	Debian Importer	Fixing	VCID-2uba-3jre-9kaw	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:20:58.812647+00:00	Debian Importer	Fixing	VCID-swkf-186u-1kgz	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:04:02.607594+00:00	Debian Importer	Fixing	VCID-5b91-2rka-2bd2	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:02:06.607459+00:00	Debian Importer	Fixing	VCID-qekt-d11a-ryf5	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:47:48.662936+00:00	Debian Importer	Fixing	VCID-2dqk-t9gt-kqhu	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:46:26.213050+00:00	Debian Importer	Fixing	VCID-ya37-anz7-jbea	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:08:13.604244+00:00	Debian Importer	Fixing	VCID-sjnq-f8tq-d3d4	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:52:13.763094+00:00	Debian Importer	Fixing	VCID-2qtf-4bmt-5uev	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T08:44:22.914697+00:00	Debian Importer	Fixing	VCID-sqcp-u9uz-eugn	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T09:08:04.184292+00:00	Debian Importer	Fixing	VCID-qksu-f137-m7ge	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:55:34.562516+00:00	Debian Importer	Fixing	VCID-3q4q-e9xc-pqgp	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:41:31.073756+00:00	Debian Importer	Fixing	VCID-dud3-fxh1-jybc	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:29:48.324200+00:00	Debian Importer	Fixing	VCID-94ka-m2fz-hqak	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:23:46.147289+00:00	Debian Importer	Fixing	VCID-2uba-3jre-9kaw	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:58:09.921428+00:00	Debian Importer	Fixing	VCID-swkf-186u-1kgz	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:45:14.657412+00:00	Debian Importer	Fixing	VCID-5b91-2rka-2bd2	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:43:51.335844+00:00	Debian Importer	Fixing	VCID-qekt-d11a-ryf5	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:32:39.609494+00:00	Debian Importer	Fixing	VCID-2dqk-t9gt-kqhu	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:31:35.240403+00:00	Debian Importer	Fixing	VCID-ya37-anz7-jbea	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:07:08.799909+00:00	Debian Importer	Fixing	VCID-sjnq-f8tq-d3d4	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:57:21.307202+00:00	Debian Importer	Fixing	VCID-2qtf-4bmt-5uev	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T17:52:16.362235+00:00	Debian Importer	Fixing	VCID-sqcp-u9uz-eugn	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:56:15.280590+00:00	Debian Importer	Fixing	VCID-5b91-2rka-2bd2	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:15.260207+00:00	Debian Importer	Fixing	VCID-swkf-186u-1kgz	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:15.239789+00:00	Debian Importer	Fixing	VCID-2uba-3jre-9kaw	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:15.219327+00:00	Debian Importer	Fixing	VCID-2qtf-4bmt-5uev	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:15.198878+00:00	Debian Importer	Fixing	VCID-3q4q-e9xc-pqgp	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:15.178471+00:00	Debian Importer	Fixing	VCID-2dqk-t9gt-kqhu	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:15.157681+00:00	Debian Importer	Fixing	VCID-ya37-anz7-jbea	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:15.137234+00:00	Debian Importer	Fixing	VCID-qksu-f137-m7ge	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:15.116972+00:00	Debian Importer	Fixing	VCID-94ka-m2fz-hqak	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:15.096655+00:00	Debian Importer	Fixing	VCID-sqcp-u9uz-eugn	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:15.076578+00:00	Debian Importer	Fixing	VCID-qekt-d11a-ryf5	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:15.056309+00:00	Debian Importer	Fixing	VCID-sjnq-f8tq-d3d4	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:15.035948+00:00	Debian Importer	Fixing	VCID-dud3-fxh1-jybc	https://security-tracker.debian.org/tracker/data/json	38.1.0