VulnerableCode Package Details - pkg:deb/debian/virtualbox@7.0.8-dfsg-1?distro=sid

Staging Environment: Content and features may be unstable or change without notice.

Search for packages

Package details: pkg:deb/debian/virtualbox@7.0.8-dfsg-1?distro=sid

Essentials
History (30)

purl	pkg:deb/debian/virtualbox@7.0.8-dfsg-1?distro=sid

Vulnerabilities affecting this package (0)

Vulnerability	Summary	Fixed by
This package is not known to be affected by vulnerabilities.

Vulnerabilities fixed by this package (10)

Vulnerability	Summary	Aliases
VCID-6w31-wsm4-mufh	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).	CVE-2023-21989
VCID-8n1x-aejs-z7f2	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H).	CVE-2023-21987
VCID-bhj1-1vgd-3qe1	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data. Note: This vulnerability applies to Windows VMs only. CVSS 3.1 Base Score 4.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N).	CVE-2023-21998
VCID-dss7-vc8q-mbg9	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:L/I:L/A:N).	CVE-2023-21999
VCID-jefu-asf7-7bex	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 4.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N).	CVE-2023-22001
VCID-m15r-872d-vkev	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).	CVE-2023-21990
VCID-rguu-gfvv-aud8	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.8 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N).	CVE-2023-21988
VCID-rty8-4f5g-a7ac	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 3.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N).	CVE-2023-21991
VCID-ttey-8sw1-e7av	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).	CVE-2023-22002
VCID-zxkd-ypyr-77dr	Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.44 and Prior to 7.0.8. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 4.6 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:N).	CVE-2023-22000

Date	Actor	Action	Vulnerability	Source	VulnerableCode Version
2026-04-16T12:21:57.780586+00:00	Debian Importer	Fixing	VCID-rguu-gfvv-aud8	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T12:14:31.741031+00:00	Debian Importer	Fixing	VCID-6w31-wsm4-mufh	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:21:34.693056+00:00	Debian Importer	Fixing	VCID-jefu-asf7-7bex	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T11:20:46.347493+00:00	Debian Importer	Fixing	VCID-rty8-4f5g-a7ac	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:44:39.818513+00:00	Debian Importer	Fixing	VCID-ttey-8sw1-e7av	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T10:21:01.822290+00:00	Debian Importer	Fixing	VCID-dss7-vc8q-mbg9	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:52:32.568499+00:00	Debian Importer	Fixing	VCID-m15r-872d-vkev	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:43:26.299401+00:00	Debian Importer	Fixing	VCID-8n1x-aejs-z7f2	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:35:40.850812+00:00	Debian Importer	Fixing	VCID-bhj1-1vgd-3qe1	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-16T09:32:17.142551+00:00	Debian Importer	Fixing	VCID-zxkd-ypyr-77dr	https://security-tracker.debian.org/tracker/data/json	38.4.0
2026-04-13T08:27:39.340167+00:00	Debian Importer	Fixing	VCID-rguu-gfvv-aud8	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T08:22:25.503578+00:00	Debian Importer	Fixing	VCID-6w31-wsm4-mufh	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:44:01.486450+00:00	Debian Importer	Fixing	VCID-jefu-asf7-7bex	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:43:24.378883+00:00	Debian Importer	Fixing	VCID-rty8-4f5g-a7ac	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T07:15:57.076918+00:00	Debian Importer	Fixing	VCID-ttey-8sw1-e7av	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:58:12.521045+00:00	Debian Importer	Fixing	VCID-dss7-vc8q-mbg9	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:36:17.914818+00:00	Debian Importer	Fixing	VCID-m15r-872d-vkev	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-13T06:29:19.922503+00:00	Debian Importer	Fixing	VCID-8n1x-aejs-z7f2	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:23:23.963376+00:00	Debian Importer	Fixing	VCID-bhj1-1vgd-3qe1	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-11T18:21:33.375516+00:00	Debian Importer	Fixing	VCID-zxkd-ypyr-77dr	https://security-tracker.debian.org/tracker/data/json	38.3.0
2026-04-03T07:56:14.890242+00:00	Debian Importer	Fixing	VCID-ttey-8sw1-e7av	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:14.869805+00:00	Debian Importer	Fixing	VCID-jefu-asf7-7bex	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:14.849517+00:00	Debian Importer	Fixing	VCID-zxkd-ypyr-77dr	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:14.829245+00:00	Debian Importer	Fixing	VCID-dss7-vc8q-mbg9	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:14.808423+00:00	Debian Importer	Fixing	VCID-bhj1-1vgd-3qe1	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:14.788027+00:00	Debian Importer	Fixing	VCID-rty8-4f5g-a7ac	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:14.767864+00:00	Debian Importer	Fixing	VCID-m15r-872d-vkev	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:14.747659+00:00	Debian Importer	Fixing	VCID-6w31-wsm4-mufh	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:14.727746+00:00	Debian Importer	Fixing	VCID-rguu-gfvv-aud8	https://security-tracker.debian.org/tracker/data/json	38.1.0
2026-04-03T07:56:14.707236+00:00	Debian Importer	Fixing	VCID-8n1x-aejs-z7f2	https://security-tracker.debian.org/tracker/data/json	38.1.0