{"url":"http://public2.vulnerablecode.io/api/packages/106831?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1?distro=trixie","type":"deb","namespace":"debian","name":"virtualbox-guest-additions-iso","version":"6.1.22-1","qualifiers":{"distro":"trixie"},"subpath":"","is_vulnerable":false,"next_non_vulnerable_version":"7.0.6-1","latest_non_vulnerable_version":"7.2.8-1","affected_by_vulnerabilities":[],"fixing_vulnerabilities":[{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183508?format=json","vulnerability_id":"VCID-1zw2-t6v7-kqee","summary":"Multiple vulnerabilities were found in VirtualBox, allowing local\n    attackers to gain escalated privileges.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2300","reference_id":"","reference_type":"","scores":[{"value":"0.00151","scoring_system":"epss","scoring_elements":"0.35516","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2011-2300"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2300","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2300"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635276","reference_id":"635276","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=635276"},{"reference_url":"https://security.gentoo.org/glsa/201204-01","reference_id":"GLSA-201204-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201204-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106830?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@4.0.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@4.0.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106831?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106829?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106833?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.0.20-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106832?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.2.8-1%3Fdistro=trixie"}],"aliases":["CVE-2011-2300"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-1zw2-t6v7-kqee"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203330?format=json","vulnerability_id":"VCID-4vbt-bnpu-7bc2","summary":"Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.32, 4.2.24, and 4.3.10 allows local users to affect confidentiality, integrity, and availability via vectors related to Graphics driver (WDDM) for Windows guests.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2441","reference_id":"","reference_type":"","scores":[{"value":"0.00048","scoring_system":"epss","scoring_elements":"0.15451","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-2441"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2441","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-2441"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106835?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@4.3.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@4.3.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106831?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106829?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106833?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.0.20-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106832?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.2.8-1%3Fdistro=trixie"}],"aliases":["CVE-2014-2441"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-4vbt-bnpu-7bc2"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/203546?format=json","vulnerability_id":"VCID-8emt-1gs6-bkf4","summary":"Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.1.34, before 4.2.26, and before 4.3.14 allows local users to affect availability via vectors related to Graphics driver (WDDM) for Windows guests.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6540","reference_id":"","reference_type":"","scores":[{"value":"0.00172","scoring_system":"epss","scoring_elements":"0.38372","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-6540"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6540","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6540"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106836?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@4.3.14-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@4.3.14-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106831?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106829?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106833?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.0.20-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106832?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.2.8-1%3Fdistro=trixie"}],"aliases":["CVE-2014-6540"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-8emt-1gs6-bkf4"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/160307?format=json","vulnerability_id":"VCID-m3ke-s2dh-8fhc","summary":"Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Guest Additions). Supported versions that are affected are Prior to 5.1.32 and Prior to 5.2.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H).","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2693","reference_id":"","reference_type":"","scores":[{"value":"0.00082","scoring_system":"epss","scoring_elements":"0.24163","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2018-2693"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2693","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2693"},{"reference_url":"http://www.securityfocus.com/bid/102702","reference_id":"102702","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:05Z/"}],"url":"http://www.securityfocus.com/bid/102702"},{"reference_url":"http://www.securitytracker.com/id/1040202","reference_id":"1040202","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:05Z/"}],"url":"http://www.securitytracker.com/id/1040202"},{"reference_url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html","reference_id":"cpujan2018-3236628.html","reference_type":"","scores":[{"value":"Track","scoring_system":"ssvc","scoring_elements":"SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-03T19:20:05Z/"}],"url":"http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"},{"reference_url":"https://security.gentoo.org/glsa/201802-01","reference_id":"GLSA-201802-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201802-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106837?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@5.2.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@5.2.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106831?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106829?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106833?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.0.20-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106832?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.2.8-1%3Fdistro=trixie"}],"aliases":["CVE-2018-2693"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-m3ke-s2dh-8fhc"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/184482?format=json","vulnerability_id":"VCID-uhst-qwut-c3bh","summary":"Multiple vulnerabilities have been found in VirtualBox, allowing\n    local attackers to escalate their privileges or cause a Denial of Service\n    condition.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0405","reference_id":"","reference_type":"","scores":[{"value":"0.00068","scoring_system":"epss","scoring_elements":"0.21086","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2014-0405"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0405","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-0405"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735410","reference_id":"735410","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=735410"},{"reference_url":"https://security.gentoo.org/glsa/201401-13","reference_id":"GLSA-201401-13","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201401-13"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106835?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@4.3.10-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@4.3.10-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106831?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106829?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106833?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.0.20-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106832?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.2.8-1%3Fdistro=trixie"}],"aliases":["CVE-2014-0405"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-uhst-qwut-c3bh"},{"url":"http://public2.vulnerablecode.io/api/vulnerabilities/183510?format=json","vulnerability_id":"VCID-wtuq-982w-vudc","summary":"Multiple vulnerabilities were found in VirtualBox, allowing local\n    attackers to gain escalated privileges.","references":[{"reference_url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0105","reference_id":"","reference_type":"","scores":[{"value":"0.00061","scoring_system":"epss","scoring_elements":"0.19277","published_at":"2026-06-11T12:55:00Z"}],"url":"https://api.first.org/data/v1/epss?cve=CVE-2012-0105"},{"reference_url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0105","reference_id":"","reference_type":"","scores":[],"url":"https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-0105"},{"reference_url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659951","reference_id":"659951","reference_type":"","scores":[],"url":"https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=659951"},{"reference_url":"https://security.gentoo.org/glsa/201204-01","reference_id":"GLSA-201204-01","reference_type":"","scores":[],"url":"https://security.gentoo.org/glsa/201204-01"}],"fixed_packages":[{"url":"http://public2.vulnerablecode.io/api/packages/106834?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@4.1.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@4.1.8-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106831?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106829?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.0.6-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.0.6-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106833?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.0.20-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.0.20-1%3Fdistro=trixie"},{"url":"http://public2.vulnerablecode.io/api/packages/106832?format=json","purl":"pkg:deb/debian/virtualbox-guest-additions-iso@7.2.8-1?distro=trixie","is_vulnerable":false,"affected_by_vulnerabilities":[],"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@7.2.8-1%3Fdistro=trixie"}],"aliases":["CVE-2012-0105"],"risk_score":null,"exploitability":null,"weighted_severity":null,"resource_url":"http://public2.vulnerablecode.io/vulnerabilities/VCID-wtuq-982w-vudc"}],"risk_score":null,"resource_url":"http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox-guest-additions-iso@6.1.22-1%3Fdistro=trixie"}