Django REST framework

Package Instance

Lookup for vulnerable packages by Package URL.

Purlpkg:ebuild/app-emulation/virtualbox@6.1.12
Typeebuild
Namespaceapp-emulation
Namevirtualbox
Version6.1.12
Qualifiers
Subpath
Is_vulnerablefalse
Next_non_vulnerable_version6.1.18
Latest_non_vulnerable_version7.0.12
Affected_by_vulnerabilities
Fixing_vulnerabilities
0
url VCID-114y-8qqv-z7bj
vulnerability_id VCID-114y-8qqv-z7bj
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows unauthenticated attacker with network access via MLD to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.6 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2959
reference_id
reference_type
scores
0
value 0.01335
scoring_system epss
scoring_elements 0.80397
published_at 2026-06-11T12:55:00Z
1
value 0.01335
scoring_system epss
scoring_elements 0.80458
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2959
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:53:31Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:53:31Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 8.6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:53:31Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2959
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-114y-8qqv-z7bj
1
url VCID-157e-mw2h-hkgv
vulnerability_id VCID-157e-mw2h-hkgv
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36 and prior to 6.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2703
reference_id
reference_type
scores
0
value 0.00151
scoring_system epss
scoring_elements 0.35475
published_at 2026-06-11T12:55:00Z
1
value 0.00151
scoring_system epss
scoring_elements 0.35655
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2703
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:33Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:33Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:33Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2703
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-157e-mw2h-hkgv
2
url VCID-1n3s-cuw5-wkg3
vulnerability_id VCID-1n3s-cuw5-wkg3
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2743
reference_id
reference_type
scores
0
value 0.00102
scoring_system epss
scoring_elements 0.27668
published_at 2026-06-12T12:55:00Z
1
value 0.00102
scoring_system epss
scoring_elements 0.27466
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2743
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:00:29Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:00:29Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:00:29Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-500/
reference_id ZDI-20-500
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:00:29Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-500/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2743
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1n3s-cuw5-wkg3
3
url VCID-1xgj-rj68-sket
vulnerability_id VCID-1xgj-rj68-sket
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14648
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.3497
published_at 2026-06-12T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.3479
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14648
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:33Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:33Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:33Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:33Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-889/
reference_id ZDI-20-889
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:33Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-889/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14648
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1xgj-rj68-sket
4
url VCID-1zh2-gn8s-ukev
vulnerability_id VCID-1zh2-gn8s-ukev
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14694
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.3497
published_at 2026-06-12T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.3479
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14694
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:33Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:33Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:33Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:33Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-899/
reference_id ZDI-20-899
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:33Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-899/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14694
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-1zh2-gn8s-ukev
5
url VCID-2y5c-yzxj-c3bm
vulnerability_id VCID-2y5c-yzxj-c3bm
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14695
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.3497
published_at 2026-06-12T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.3479
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14695
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:31Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:31Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:31Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:31Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-900/
reference_id ZDI-20-900
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:31Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-900/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14695
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-2y5c-yzxj-c3bm
6
url VCID-31cj-hrxd-f7dg
vulnerability_id VCID-31cj-hrxd-f7dg
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14647
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38096
published_at 2026-06-12T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.3792
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14647
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:54Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:54Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:54Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:54Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-890/
reference_id ZDI-20-890
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:54Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-890/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14647
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-31cj-hrxd-f7dg
7
url VCID-3yb4-zrrj-cqge
vulnerability_id VCID-3yb4-zrrj-cqge
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14713
reference_id
reference_type
scores
0
value 0.00091
scoring_system epss
scoring_elements 0.25888
published_at 2026-06-12T12:55:00Z
1
value 0.00091
scoring_system epss
scoring_elements 0.25688
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14713
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:19Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:19Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:19Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:19Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14713
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-3yb4-zrrj-cqge
8
url VCID-447x-xr4a-gfa2
vulnerability_id VCID-447x-xr4a-gfa2
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2875
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35142
published_at 2026-06-11T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.3532
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2875
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:57Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:57Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:57Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2875
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-447x-xr4a-gfa2
9
url VCID-4egs-5nbt-qudp
vulnerability_id VCID-4egs-5nbt-qudp
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14698
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.3497
published_at 2026-06-12T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.3479
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14698
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:29Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:29Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:29Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:29Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-901/
reference_id ZDI-20-901
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:29Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-901/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14698
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-4egs-5nbt-qudp
10
url VCID-52jb-gzs8-27f3
vulnerability_id VCID-52jb-gzs8-27f3
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2848
reference_id
reference_type
scores
0
value 0.00142
scoring_system epss
scoring_elements 0.34182
published_at 2026-06-11T12:55:00Z
1
value 0.00142
scoring_system epss
scoring_elements 0.3436
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2848
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:16:15Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:16:15Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:16:15Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2848
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-52jb-gzs8-27f3
11
url VCID-56ar-g74y-gqb2
vulnerability_id VCID-56ar-g74y-gqb2
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2704
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31057
published_at 2026-06-11T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31252
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2704
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:32Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:32Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:32Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2704
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-56ar-g74y-gqb2
12
url VCID-58kn-ezka-ybhd
vulnerability_id VCID-58kn-ezka-ybhd
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2865
reference_id
reference_type
scores
0
value 0.00157
scoring_system epss
scoring_elements 0.36332
published_at 2026-06-11T12:55:00Z
1
value 0.00157
scoring_system epss
scoring_elements 0.36513
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2865
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:36Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:36Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:36Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2865
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-58kn-ezka-ybhd
13
url VCID-5yef-247e-gkhg
vulnerability_id VCID-5yef-247e-gkhg
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2866
reference_id
reference_type
scores
0
value 0.00157
scoring_system epss
scoring_elements 0.36332
published_at 2026-06-11T12:55:00Z
1
value 0.00157
scoring_system epss
scoring_elements 0.36513
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2866
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:35Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:35Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:35Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2866
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5yef-247e-gkhg
14
url VCID-5zzu-jrqv-p3hj
vulnerability_id VCID-5zzu-jrqv-p3hj
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2929
reference_id
reference_type
scores
0
value 0.00206
scoring_system epss
scoring_elements 0.42902
published_at 2026-06-12T12:55:00Z
1
value 0.00206
scoring_system epss
scoring_elements 0.42742
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2929
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:17Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:17Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:17Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-508/
reference_id ZDI-20-508
reference_type
scores
0
value 7.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:17Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-508/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2929
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-5zzu-jrqv-p3hj
15
url VCID-685b-q78r-ekdg
vulnerability_id VCID-685b-q78r-ekdg
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 2.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2909
reference_id
reference_type
scores
0
value 0.00224
scoring_system epss
scoring_elements 0.45179
published_at 2026-06-11T12:55:00Z
1
value 0.00224
scoring_system epss
scoring_elements 0.45329
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2909
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 2.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:01:16Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 2.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:01:16Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 2.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:01:16Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2909
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-685b-q78r-ekdg
16
url VCID-6ht2-hg5x-9qbs
vulnerability_id VCID-6ht2-hg5x-9qbs
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2758
reference_id
reference_type
scores
0
value 0.00165
scoring_system epss
scoring_elements 0.37569
published_at 2026-06-12T12:55:00Z
1
value 0.00165
scoring_system epss
scoring_elements 0.37392
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2758
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:41Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:41Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:41Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-507/
reference_id ZDI-20-507
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:41Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-507/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2758
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6ht2-hg5x-9qbs
17
url VCID-6jmf-7zvc-p7gc
vulnerability_id VCID-6jmf-7zvc-p7gc
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3026
reference_id
reference_type
scores
0
value 0.00116
scoring_system epss
scoring_elements 0.29909
published_at 2026-06-11T12:55:00Z
1
value 0.00116
scoring_system epss
scoring_elements 0.30105
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3026
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:08Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:08Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id cpuoct2019-5072832.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:08Z/
url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-19-917/
reference_id ZDI-19-917
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:08Z/
url https://www.zerodayinitiative.com/advisories/ZDI-19-917/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-3026
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-6jmf-7zvc-p7gc
18
url VCID-7db8-2qqz-wffz
vulnerability_id VCID-7db8-2qqz-wffz
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox as well as unauthorized update, insert or delete access to some of Oracle VM VirtualBox accessible data and unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 7.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:L/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2944
reference_id
reference_type
scores
0
value 0.00226
scoring_system epss
scoring_elements 0.45454
published_at 2026-06-11T12:55:00Z
1
value 0.00226
scoring_system epss
scoring_elements 0.45603
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2944
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:14:49Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:14:49Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id cpuoct2019-5072832.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:14:49Z/
url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2944
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-7db8-2qqz-wffz
19
url VCID-8jk9-mvtf-kug1
vulnerability_id VCID-8jk9-mvtf-kug1
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2873
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35142
published_at 2026-06-11T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.3532
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2873
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:16:00Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:16:00Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:16:00Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2873
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8jk9-mvtf-kug1
20
url VCID-8ta9-fb66-jqb9
vulnerability_id VCID-8ta9-fb66-jqb9
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14700
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.3497
published_at 2026-06-12T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.3479
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14700
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:26Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:26Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:26Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:26Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-903/
reference_id ZDI-20-903
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:26Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-903/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14700
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8ta9-fb66-jqb9
21
url VCID-8zz9-de8q-jkaz
vulnerability_id VCID-8zz9-de8q-jkaz
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2908
reference_id
reference_type
scores
0
value 0.00163
scoring_system epss
scoring_elements 0.37262
published_at 2026-06-12T12:55:00Z
1
value 0.00163
scoring_system epss
scoring_elements 0.37083
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2908
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:28Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:28Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:28Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-501/
reference_id ZDI-20-501
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:28Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-501/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2908
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-8zz9-de8q-jkaz
22
url VCID-93xh-d746-5fhm
vulnerability_id VCID-93xh-d746-5fhm
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2742
reference_id
reference_type
scores
0
value 0.00165
scoring_system epss
scoring_elements 0.37569
published_at 2026-06-12T12:55:00Z
1
value 0.00165
scoring_system epss
scoring_elements 0.37392
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2742
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:43Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:43Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:43Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-499/
reference_id ZDI-20-499
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:43Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-499/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2742
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-93xh-d746-5fhm
23
url VCID-96nj-tz7h-c3bb
vulnerability_id VCID-96nj-tz7h-c3bb
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3005
reference_id
reference_type
scores
0
value 0.00216
scoring_system epss
scoring_elements 0.44198
published_at 2026-06-11T12:55:00Z
1
value 0.00216
scoring_system epss
scoring_elements 0.44351
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3005
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:22Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:22Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id cpuoct2019-5072832.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:22Z/
url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-3005
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-96nj-tz7h-c3bb
24
url VCID-9dnn-vdfk-7kc8
vulnerability_id VCID-9dnn-vdfk-7kc8
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2951
reference_id
reference_type
scores
0
value 0.00151
scoring_system epss
scoring_elements 0.35655
published_at 2026-06-12T12:55:00Z
1
value 0.00151
scoring_system epss
scoring_elements 0.35475
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2951
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:15Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:15Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:00:15Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2951
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9dnn-vdfk-7kc8
25
url VCID-9qq3-pb4e-aydy
vulnerability_id VCID-9qq3-pb4e-aydy
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2958
reference_id
reference_type
scores
0
value 0.00167
scoring_system epss
scoring_elements 0.37787
published_at 2026-06-12T12:55:00Z
1
value 0.00167
scoring_system epss
scoring_elements 0.3761
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2958
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:13Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:13Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:13Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2958
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9qq3-pb4e-aydy
26
url VCID-9wgf-v7rf-tube
vulnerability_id VCID-9wgf-v7rf-tube
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2894
reference_id
reference_type
scores
0
value 0.00118
scoring_system epss
scoring_elements 0.30388
published_at 2026-06-12T12:55:00Z
1
value 0.00118
scoring_system epss
scoring_elements 0.30192
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2894
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:01:34Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:01:34Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:01:34Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-581/
reference_id ZDI-20-581
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:01:34Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-581/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2894
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-9wgf-v7rf-tube
27
url VCID-a8f7-x6ah-pygx
vulnerability_id VCID-a8f7-x6ah-pygx
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2705
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31057
published_at 2026-06-11T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31252
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2705
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:30Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:30Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:30Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2705
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-a8f7-x6ah-pygx
28
url VCID-b9de-yv3t-9qe2
vulnerability_id VCID-b9de-yv3t-9qe2
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3002
reference_id
reference_type
scores
0
value 0.00216
scoring_system epss
scoring_elements 0.44198
published_at 2026-06-11T12:55:00Z
1
value 0.00216
scoring_system epss
scoring_elements 0.44351
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3002
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:26Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:26Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id cpuoct2019-5072832.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:26Z/
url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-3002
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-b9de-yv3t-9qe2
29
url VCID-bde4-nhak-gkh7
vulnerability_id VCID-bde4-nhak-gkh7
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 3.2 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2748
reference_id
reference_type
scores
0
value 0.00071
scoring_system epss
scoring_elements 0.21949
published_at 2026-06-12T12:55:00Z
1
value 0.00071
scoring_system epss
scoring_elements 0.2176
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2748
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 3.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:00:18Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 3.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:00:18Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 3.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:00:18Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-506/
reference_id ZDI-20-506
reference_type
scores
0
value 3.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:00:18Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-506/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2748
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bde4-nhak-gkh7
30
url VCID-bj3q-fr93-kyhf
vulnerability_id VCID-bj3q-fr93-kyhf
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14703
reference_id
reference_type
scores
0
value 0.00164
scoring_system epss
scoring_elements 0.37331
published_at 2026-06-12T12:55:00Z
1
value 0.00164
scoring_system epss
scoring_elements 0.37153
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14703
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:22Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:22Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:22Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:22Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-905/
reference_id ZDI-20-905
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:22Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-905/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14703
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bj3q-fr93-kyhf
31
url VCID-bnmj-mfvp-d3cu
vulnerability_id VCID-bnmj-mfvp-d3cu
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2702
reference_id
reference_type
scores
0
value 0.00167
scoring_system epss
scoring_elements 0.3761
published_at 2026-06-11T12:55:00Z
1
value 0.00167
scoring_system epss
scoring_elements 0.37787
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2702
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:56Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:56Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:56Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2702
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-bnmj-mfvp-d3cu
32
url VCID-c2cp-jxgg-nqhq
vulnerability_id VCID-c2cp-jxgg-nqhq
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2690
reference_id
reference_type
scores
0
value 0.00537
scoring_system epss
scoring_elements 0.67978
published_at 2026-06-11T12:55:00Z
1
value 0.00537
scoring_system epss
scoring_elements 0.68067
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2690
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:46Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:46Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:46Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2690
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c2cp-jxgg-nqhq
33
url VCID-c51v-gwpq-kkfs
vulnerability_id VCID-c51v-gwpq-kkfs
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2693
reference_id
reference_type
scores
0
value 0.00152
scoring_system epss
scoring_elements 0.35634
published_at 2026-06-11T12:55:00Z
1
value 0.00152
scoring_system epss
scoring_elements 0.35814
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2693
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:41Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:41Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 5.3
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:41Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2693
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-c51v-gwpq-kkfs
34
url VCID-cp5m-kjgs-kufs
vulnerability_id VCID-cp5m-kjgs-kufs
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2698
reference_id
reference_type
scores
0
value 0.00167
scoring_system epss
scoring_elements 0.3761
published_at 2026-06-11T12:55:00Z
1
value 0.00167
scoring_system epss
scoring_elements 0.37787
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2698
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:58Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:58Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:58Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2698
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-cp5m-kjgs-kufs
35
url VCID-drp1-wc8f-jqgp
vulnerability_id VCID-drp1-wc8f-jqgp
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 2.8 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:L).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2850
reference_id
reference_type
scores
0
value 0.00202
scoring_system epss
scoring_elements 0.42236
published_at 2026-06-11T12:55:00Z
1
value 0.00202
scoring_system epss
scoring_elements 0.42401
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2850
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:16:13Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:16:13Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:16:13Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2850
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-drp1-wc8f-jqgp
36
url VCID-du2s-egmg-ykd9
vulnerability_id VCID-du2s-egmg-ykd9
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2689
reference_id
reference_type
scores
0
value 0.00143
scoring_system epss
scoring_elements 0.34294
published_at 2026-06-11T12:55:00Z
1
value 0.00143
scoring_system epss
scoring_elements 0.34472
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2689
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:47Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:47Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:47Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2689
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-du2s-egmg-ykd9
37
url VCID-e3mr-d3au-43c7
vulnerability_id VCID-e3mr-d3au-43c7
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14649
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38096
published_at 2026-06-12T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.3792
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14649
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:53Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:53Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:53Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:53Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-891/
reference_id ZDI-20-891
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:53Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-891/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14649
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e3mr-d3au-43c7
38
url VCID-e72f-mrkr-duft
vulnerability_id VCID-e72f-mrkr-duft
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: The CVE-2020-14711 is applicable to macOS host only. CVSS 3.1 Base Score 6.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14711
reference_id
reference_type
scores
0
value 0.00302
scoring_system epss
scoring_elements 0.54055
published_at 2026-06-12T12:55:00Z
1
value 0.00302
scoring_system epss
scoring_elements 0.5393
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14711
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:21Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:21Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:21Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 6.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:R/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:21Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14711
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-e72f-mrkr-duft
39
url VCID-ejw9-cd2u-1yhc
vulnerability_id VCID-ejw9-cd2u-1yhc
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14714
reference_id
reference_type
scores
0
value 0.00094
scoring_system epss
scoring_elements 0.26357
published_at 2026-06-12T12:55:00Z
1
value 0.00094
scoring_system epss
scoring_elements 0.26156
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14714
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:09Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:09Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:09Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:09Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14714
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ejw9-cd2u-1yhc
40
url VCID-gyzy-wtka-dbf4
vulnerability_id VCID-gyzy-wtka-dbf4
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14629
reference_id
reference_type
scores
0
value 0.00164
scoring_system epss
scoring_elements 0.37331
published_at 2026-06-12T12:55:00Z
1
value 0.00164
scoring_system epss
scoring_elements 0.37153
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14629
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:58:00Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:58:00Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:58:00Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:58:00Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-887/
reference_id ZDI-20-887
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:58:00Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-887/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14629
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-gyzy-wtka-dbf4
41
url VCID-h3y6-fveb-gbd9
vulnerability_id VCID-h3y6-fveb-gbd9
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2727
reference_id
reference_type
scores
0
value 0.00135
scoring_system epss
scoring_elements 0.33314
published_at 2026-06-12T12:55:00Z
1
value 0.00135
scoring_system epss
scoring_elements 0.33132
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2727
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:00Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:00Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:00Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2727
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-h3y6-fveb-gbd9
42
url VCID-hnce-udfc-9ude
vulnerability_id VCID-hnce-udfc-9ude
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.0 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14712
reference_id
reference_type
scores
0
value 0.00312
scoring_system epss
scoring_elements 0.54891
published_at 2026-06-12T12:55:00Z
1
value 0.00312
scoring_system epss
scoring_elements 0.54768
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14712
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:10Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:10Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:10Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:10Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14712
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hnce-udfc-9ude
43
url VCID-hufz-e1gp-uuf3
vulnerability_id VCID-hufz-e1gp-uuf3
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14699
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38096
published_at 2026-06-12T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.3792
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14699
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:26Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:26Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:26Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:26Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-902/
reference_id ZDI-20-902
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-26T19:54:26Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-902/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14699
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-hufz-e1gp-uuf3
44
url VCID-huzj-6us2-dfd9
vulnerability_id VCID-huzj-6us2-dfd9
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 5.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2877
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35142
published_at 2026-06-11T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.3532
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2877
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:54Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:54Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:54Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2877
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-huzj-6us2-dfd9
45
url VCID-j2us-kjp6-xkbm
vulnerability_id VCID-j2us-kjp6-xkbm
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2864
reference_id
reference_type
scores
0
value 0.00157
scoring_system epss
scoring_elements 0.36332
published_at 2026-06-11T12:55:00Z
1
value 0.00157
scoring_system epss
scoring_elements 0.36513
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2864
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:37Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:37Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:37Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2864
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-j2us-kjp6-xkbm
46
url VCID-jtrf-gxj5-8fhw
vulnerability_id VCID-jtrf-gxj5-8fhw
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2691
reference_id
reference_type
scores
0
value 0.00416
scoring_system epss
scoring_elements 0.62144
published_at 2026-06-11T12:55:00Z
1
value 0.00416
scoring_system epss
scoring_elements 0.62246
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2691
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:44Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:44Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:44Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2691
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jtrf-gxj5-8fhw
47
url VCID-jy7h-c283-5yb3
vulnerability_id VCID-jy7h-c283-5yb3
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2575
reference_id
reference_type
scores
0
value 0.00171
scoring_system epss
scoring_elements 0.38177
published_at 2026-06-11T12:55:00Z
1
value 0.00171
scoring_system epss
scoring_elements 0.38352
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2575
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:10Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:10Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-582/
reference_id ZDI-20-582
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:10Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-582/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2575
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-jy7h-c283-5yb3
48
url VCID-kdwv-h8s2-1qcj
vulnerability_id VCID-kdwv-h8s2-1qcj
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2681
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31057
published_at 2026-06-11T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31252
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2681
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:58Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:58Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:58Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2681
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kdwv-h8s2-1qcj
49
url VCID-kgfx-x6dj-jbfm
vulnerability_id VCID-kgfx-x6dj-jbfm
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2863
reference_id
reference_type
scores
0
value 0.00102
scoring_system epss
scoring_elements 0.27556
published_at 2026-06-11T12:55:00Z
1
value 0.00102
scoring_system epss
scoring_elements 0.27757
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2863
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:16:02Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:16:02Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:16:02Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2863
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-kgfx-x6dj-jbfm
50
url VCID-m2p4-zm5q-h3h1
vulnerability_id VCID-m2p4-zm5q-h3h1
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2911
reference_id
reference_type
scores
0
value 0.00165
scoring_system epss
scoring_elements 0.37569
published_at 2026-06-12T12:55:00Z
1
value 0.00165
scoring_system epss
scoring_elements 0.37392
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2911
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:27Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:27Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:27Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-551/
reference_id ZDI-20-551
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:27Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-551/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2911
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m2p4-zm5q-h3h1
51
url VCID-m2tu-2zrh-93cq
vulnerability_id VCID-m2tu-2zrh-93cq
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 2.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:L).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2926
reference_id
reference_type
scores
0
value 0.00149
scoring_system epss
scoring_elements 0.35193
published_at 2026-06-11T12:55:00Z
1
value 0.00149
scoring_system epss
scoring_elements 0.3537
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2926
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:11Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:11Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id cpuoct2019-5072832.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:11Z/
url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2926
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m2tu-2zrh-93cq
52
url VCID-m77y-v2px-gfdg
vulnerability_id VCID-m77y-v2px-gfdg
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3021
reference_id
reference_type
scores
0
value 0.002
scoring_system epss
scoring_elements 0.42028
published_at 2026-06-11T12:55:00Z
1
value 0.002
scoring_system epss
scoring_elements 0.42193
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3021
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:12Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:12Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id cpuoct2019-5072832.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:12Z/
url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-3021
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-m77y-v2px-gfdg
53
url VCID-mbgp-6s2y-2qgg
vulnerability_id VCID-mbgp-6s2y-2qgg
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2701
reference_id
reference_type
scores
0
value 0.00167
scoring_system epss
scoring_elements 0.37787
published_at 2026-06-12T12:55:00Z
1
value 0.00167
scoring_system epss
scoring_elements 0.3761
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2701
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:57Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:57Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
3
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-550/
reference_id ZDI-20-550
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:57Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-550/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2701
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-mbgp-6s2y-2qgg
54
url VCID-nda1-ekng-2fc1
vulnerability_id VCID-nda1-ekng-2fc1
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14677
reference_id
reference_type
scores
0
value 0.00131
scoring_system epss
scoring_elements 0.32352
published_at 2026-06-12T12:55:00Z
1
value 0.00131
scoring_system epss
scoring_elements 0.3217
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14677
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:45Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:45Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:45Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:45Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-893/
reference_id ZDI-20-893
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:45Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-893/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14677
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-nda1-ekng-2fc1
55
url VCID-p16e-85ru-xfg1
vulnerability_id VCID-p16e-85ru-xfg1
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2859
reference_id
reference_type
scores
0
value 0.00144
scoring_system epss
scoring_elements 0.34464
published_at 2026-06-11T12:55:00Z
1
value 0.00144
scoring_system epss
scoring_elements 0.34641
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2859
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:39Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:39Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:39Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2859
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-p16e-85ru-xfg1
56
url VCID-ptmf-45hp-1ye2
vulnerability_id VCID-ptmf-45hp-1ye2
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2876
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35142
published_at 2026-06-11T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.3532
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2876
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:56Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:56Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:56Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2876
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ptmf-45hp-1ye2
57
url VCID-pz7g-a8cr-eyb2
vulnerability_id VCID-pz7g-a8cr-eyb2
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2725
reference_id
reference_type
scores
0
value 0.00151
scoring_system epss
scoring_elements 0.35475
published_at 2026-06-11T12:55:00Z
1
value 0.00151
scoring_system epss
scoring_elements 0.35655
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2725
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:03Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:03Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:03Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2725
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-pz7g-a8cr-eyb2
58
url VCID-q3wh-w73t-vyev
vulnerability_id VCID-q3wh-w73t-vyev
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2907
reference_id
reference_type
scores
0
value 0.00163
scoring_system epss
scoring_elements 0.37262
published_at 2026-06-12T12:55:00Z
1
value 0.00163
scoring_system epss
scoring_elements 0.37083
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2907
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:35Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:35Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:35Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-509/
reference_id ZDI-20-509
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:35Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-509/
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-510/
reference_id ZDI-20-510
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:35Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-510/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2907
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-q3wh-w73t-vyev
59
url VCID-qsf3-3z8d-qbae
vulnerability_id VCID-qsf3-3z8d-qbae
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2914
reference_id
reference_type
scores
0
value 0.00208
scoring_system epss
scoring_elements 0.43391
published_at 2026-06-12T12:55:00Z
1
value 0.00208
scoring_system epss
scoring_elements 0.43234
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2914
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:19Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:19Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:19Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2914
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-qsf3-3z8d-qbae
60
url VCID-rex3-m37t-bkds
vulnerability_id VCID-rex3-m37t-bkds
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: The CVE-2020-14628 is applicable to Windows VM only. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14628
reference_id
reference_type
scores
0
value 0.0019
scoring_system epss
scoring_elements 0.40895
published_at 2026-06-12T12:55:00Z
1
value 0.0019
scoring_system epss
scoring_elements 0.40727
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14628
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:57Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:57Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:57Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:57Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-886/
reference_id ZDI-20-886
reference_type
scores
0
value 8.2
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:57Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-886/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14628
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rex3-m37t-bkds
61
url VCID-rswc-jhy5-uud5
vulnerability_id VCID-rswc-jhy5-uud5
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14715
reference_id
reference_type
scores
0
value 0.00094
scoring_system epss
scoring_elements 0.26357
published_at 2026-06-12T12:55:00Z
1
value 0.00094
scoring_system epss
scoring_elements 0.26156
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14715
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:08Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:08Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:08Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 4.4
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:08Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14715
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-rswc-jhy5-uud5
62
url VCID-saj1-xezb-3ye1
vulnerability_id VCID-saj1-xezb-3ye1
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2682
reference_id
reference_type
scores
0
value 0.00167
scoring_system epss
scoring_elements 0.3761
published_at 2026-06-11T12:55:00Z
1
value 0.00167
scoring_system epss
scoring_elements 0.37787
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2682
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:42:01Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:42:01Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:42:01Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2682
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-saj1-xezb-3ye1
63
url VCID-sgbg-1x14-dkdk
vulnerability_id VCID-sgbg-1x14-dkdk
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 5.0 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14707
reference_id
reference_type
scores
0
value 0.00221
scoring_system epss
scoring_elements 0.44987
published_at 2026-06-12T12:55:00Z
1
value 0.00221
scoring_system epss
scoring_elements 0.44837
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14707
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:16Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:16Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:16Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:16Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14707
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sgbg-1x14-dkdk
64
url VCID-sksy-v9ht-j7bc
vulnerability_id VCID-sksy-v9ht-j7bc
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2741
reference_id
reference_type
scores
0
value 0.00102
scoring_system epss
scoring_elements 0.27668
published_at 2026-06-12T12:55:00Z
1
value 0.00102
scoring_system epss
scoring_elements 0.27466
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2741
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:00:30Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:00:30Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:00:30Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-498/
reference_id ZDI-20-498
reference_type
scores
0
value 6
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:00:30Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-498/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2741
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-sksy-v9ht-j7bc
65
url VCID-t3hg-18un-sfct
vulnerability_id VCID-t3hg-18un-sfct
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14704
reference_id
reference_type
scores
0
value 0.00164
scoring_system epss
scoring_elements 0.37331
published_at 2026-06-12T12:55:00Z
1
value 0.00164
scoring_system epss
scoring_elements 0.37153
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14704
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:21Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:21Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:21Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:21Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-904/
reference_id ZDI-20-904
reference_type
scores
0
value 6
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-26T19:46:21Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-904/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14704
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-t3hg-18un-sfct
66
url VCID-tf85-p3d8-7ugd
vulnerability_id VCID-tf85-p3d8-7ugd
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2910
reference_id
reference_type
scores
0
value 0.00188
scoring_system epss
scoring_elements 0.40493
published_at 2026-06-11T12:55:00Z
1
value 0.00188
scoring_system epss
scoring_elements 0.40661
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2910
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:01:14Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:01:14Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T18:01:14Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2910
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-tf85-p3d8-7ugd
67
url VCID-ttqv-kzpu-yqfk
vulnerability_id VCID-ttqv-kzpu-yqfk
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2905
reference_id
reference_type
scores
0
value 0.00167
scoring_system epss
scoring_elements 0.37787
published_at 2026-06-12T12:55:00Z
1
value 0.00167
scoring_system epss
scoring_elements 0.3761
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2905
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:36Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:36Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:36Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2905
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-ttqv-kzpu-yqfk
68
url VCID-u5us-6b81-ybh6
vulnerability_id VCID-u5us-6b81-ybh6
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 3.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2874
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35142
published_at 2026-06-11T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.3532
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2874
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:59Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:59Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:15:59Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2874
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-u5us-6b81-ybh6
69
url VCID-uu6e-p9hd-nbg9
vulnerability_id VCID-uu6e-p9hd-nbg9
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2674
reference_id
reference_type
scores
0
value 0.00167
scoring_system epss
scoring_elements 0.37787
published_at 2026-06-12T12:55:00Z
1
value 0.00167
scoring_system epss
scoring_elements 0.3761
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2674
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:42:02Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:42:02Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 8.2
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:42:02Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2674
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-uu6e-p9hd-nbg9
70
url VCID-v1br-wncy-fqhk
vulnerability_id VCID-v1br-wncy-fqhk
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2726
reference_id
reference_type
scores
0
value 0.00167
scoring_system epss
scoring_elements 0.3761
published_at 2026-06-11T12:55:00Z
1
value 0.00167
scoring_system epss
scoring_elements 0.37787
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2726
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:54Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:54Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-30T14:41:54Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2726
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v1br-wncy-fqhk
71
url VCID-v433-snmb-ckdm
vulnerability_id VCID-v433-snmb-ckdm
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2902
reference_id
reference_type
scores
0
value 0.00151
scoring_system epss
scoring_elements 0.35716
published_at 2026-06-12T12:55:00Z
1
value 0.00151
scoring_system epss
scoring_elements 0.35537
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2902
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:38Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:38Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:38Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-497/
reference_id ZDI-20-497
reference_type
scores
0
value 8.8
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:38Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-497/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2902
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-v433-snmb-ckdm
72
url VCID-vb4c-mz66-ykfj
vulnerability_id VCID-vb4c-mz66-ykfj
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3028
reference_id
reference_type
scores
0
value 0.00313
scoring_system epss
scoring_elements 0.54847
published_at 2026-06-11T12:55:00Z
1
value 0.00313
scoring_system epss
scoring_elements 0.54968
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3028
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:16Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:16Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id cpuoct2019-5072832.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:16Z/
url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-3028
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vb4c-mz66-ykfj
73
url VCID-vrrn-fnqa-pqgv
vulnerability_id VCID-vrrn-fnqa-pqgv
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14646
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38096
published_at 2026-06-12T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.3792
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14646
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:56Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:56Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:56Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:56Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-888/
reference_id ZDI-20-888
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:56Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-888/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14646
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-vrrn-fnqa-pqgv
74
url VCID-w6ja-admc-b3e9
vulnerability_id VCID-w6ja-admc-b3e9
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3031
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.3105
published_at 2026-06-11T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31245
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3031
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:07Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:07Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id cpuoct2019-5072832.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:07Z/
url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-19-918/
reference_id ZDI-19-918
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:07Z/
url https://www.zerodayinitiative.com/advisories/ZDI-19-918/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-3031
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-w6ja-admc-b3e9
75
url VCID-wp7c-sqrr-2fb2
vulnerability_id VCID-wp7c-sqrr-2fb2
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14674
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31161
published_at 2026-06-12T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.30965
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14674
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:49Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:49Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:49Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:49Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-896/
reference_id ZDI-20-896
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:49Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-896/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14674
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wp7c-sqrr-2fb2
76
url VCID-wvw2-w75u-w7g8
vulnerability_id VCID-wvw2-w75u-w7g8
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14676
reference_id
reference_type
scores
0
value 0.00169
scoring_system epss
scoring_elements 0.38096
published_at 2026-06-12T12:55:00Z
1
value 0.00169
scoring_system epss
scoring_elements 0.3792
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14676
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:47Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:47Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:47Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:47Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-894/
reference_id ZDI-20-894
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:47Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-894/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14676
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-wvw2-w75u-w7g8
77
url VCID-xdv1-s6s9-hqd4
vulnerability_id VCID-xdv1-s6s9-hqd4
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-3017
reference_id
reference_type
scores
0
value 0.00148
scoring_system epss
scoring_elements 0.35105
published_at 2026-06-11T12:55:00Z
1
value 0.00148
scoring_system epss
scoring_elements 0.35283
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-3017
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:19Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:19Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id cpuoct2019-5072832.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:19Z/
url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-19-916/
reference_id ZDI-19-916
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:19Z/
url https://www.zerodayinitiative.com/advisories/ZDI-19-916/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-3017
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xdv1-s6s9-hqd4
78
url VCID-xku8-tqah-63cr
vulnerability_id VCID-xku8-tqah-63cr
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14650
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.3497
published_at 2026-06-12T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.3479
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14650
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:31Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:31Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:31Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:31Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-892/
reference_id ZDI-20-892
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:31Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-892/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14650
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xku8-tqah-63cr
79
url VCID-xmyj-aptr-2kg5
vulnerability_id VCID-xmyj-aptr-2kg5
summary Vulnerability in the Oracle VM VirtualBox component of Oracle Virtualization (subcomponent: Core). Supported versions that are affected are Prior to 5.2.32 and prior to 6.0.10. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2867
reference_id
reference_type
scores
0
value 0.00122
scoring_system epss
scoring_elements 0.31079
published_at 2026-06-12T12:55:00Z
1
value 0.00122
scoring_system epss
scoring_elements 0.30883
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2867
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:34Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
reference_id cpujul2019-5072835.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:34Z/
url http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
reference_id msg00056.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:34Z/
url http://lists.opensuse.org/opensuse-security-announce/2019-07/msg00056.html
4
reference_url https://www.zerodayinitiative.com/advisories/ZDI-19-963/
reference_id ZDI-19-963
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:34Z/
url https://www.zerodayinitiative.com/advisories/ZDI-19-963/
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-19-964/
reference_id ZDI-19-964
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:34Z/
url https://www.zerodayinitiative.com/advisories/ZDI-19-964/
6
reference_url https://www.zerodayinitiative.com/advisories/ZDI-19-965/
reference_id ZDI-19-965
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-10-15T17:16:34Z/
url https://www.zerodayinitiative.com/advisories/ZDI-19-965/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2867
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xmyj-aptr-2kg5
80
url VCID-xntk-cqbq-gygj
vulnerability_id VCID-xntk-cqbq-gygj
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14673
reference_id
reference_type
scores
0
value 0.00146
scoring_system epss
scoring_elements 0.3497
published_at 2026-06-12T12:55:00Z
1
value 0.00146
scoring_system epss
scoring_elements 0.3479
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14673
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:08Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:08Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:08Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:08Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-898/
reference_id ZDI-20-898
reference_type
scores
0
value 5.3
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-27T17:57:08Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-898/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14673
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xntk-cqbq-gygj
81
url VCID-xsv8-hucq-ubat
vulnerability_id VCID-xsv8-hucq-ubat
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2692
reference_id
reference_type
scores
0
value 0.00123
scoring_system epss
scoring_elements 0.31057
published_at 2026-06-11T12:55:00Z
1
value 0.00123
scoring_system epss
scoring_elements 0.31252
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2692
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:43Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:43Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 6.5
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:01:43Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2692
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-xsv8-hucq-ubat
82
url VCID-yrck-4zwq-kfcz
vulnerability_id VCID-yrck-4zwq-kfcz
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.0.20 and prior to 6.1.6. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.0 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2913
reference_id
reference_type
scores
0
value 0.00208
scoring_system epss
scoring_elements 0.43234
published_at 2026-06-11T12:55:00Z
1
value 0.00208
scoring_system epss
scoring_elements 0.43391
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2913
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:26Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpuapr2020.html
reference_id cpuapr2020.html
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:26Z/
url https://www.oracle.com/security-alerts/cpuapr2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
reference_id msg00001.html
reference_type
scores
0
value 7
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:55:26Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00001.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2913
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-yrck-4zwq-kfcz
83
url VCID-z4d6-z4xg-9yf8
vulnerability_id VCID-z4d6-z4xg-9yf8
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.44, prior to 6.0.24 and prior to 6.1.12. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-14675
reference_id
reference_type
scores
0
value 0.00131
scoring_system epss
scoring_elements 0.32352
published_at 2026-06-12T12:55:00Z
1
value 0.00131
scoring_system epss
scoring_elements 0.3217
published_at 2026-06-11T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-14675
1
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:48Z/
url https://security.gentoo.org/glsa/202101-09
2
reference_url https://www.oracle.com/security-alerts/cpujul2020.html
reference_id cpujul2020.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:48Z/
url https://www.oracle.com/security-alerts/cpujul2020.html
3
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
reference_id msg00068.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:48Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00068.html
4
reference_url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
reference_id msg00079.html
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:48Z/
url http://lists.opensuse.org/opensuse-security-announce/2020-09/msg00079.html
5
reference_url https://www.zerodayinitiative.com/advisories/ZDI-20-895/
reference_id ZDI-20-895
reference_type
scores
0
value 7.5
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2024-09-27T17:54:48Z/
url https://www.zerodayinitiative.com/advisories/ZDI-20-895/
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
1
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-14675
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z4d6-z4xg-9yf8
84
url VCID-z55r-g5r5-4bdu
vulnerability_id VCID-z55r-g5r5-4bdu
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.34 and prior to 6.0.14. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of Oracle VM VirtualBox. CVSS 3.0 Base Score 6.0 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:H/UI:N/S:C/C:N/I:N/A:H).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2019-2984
reference_id
reference_type
scores
0
value 0.00201
scoring_system epss
scoring_elements 0.42214
published_at 2026-06-11T12:55:00Z
1
value 0.00201
scoring_system epss
scoring_elements 0.42378
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2019-2984
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:50Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:50Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
reference_id cpuoct2019-5072832.html
reference_type
scores
0
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-10-01T16:13:50Z/
url http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2019-2984
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z55r-g5r5-4bdu
85
url VCID-z9k8-jbb1-bqd3
vulnerability_id VCID-z9k8-jbb1-bqd3
summary Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized read access to a subset of Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N).
references
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2020-2678
reference_id
reference_type
scores
0
value 0.00144
scoring_system epss
scoring_elements 0.34487
published_at 2026-06-11T12:55:00Z
1
value 0.00144
scoring_system epss
scoring_elements 0.34664
published_at 2026-06-12T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2020-2678
1
reference_url https://security.gentoo.org/glsa/202004-02
reference_id 202004-02
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:02:03Z/
url https://security.gentoo.org/glsa/202004-02
2
reference_url https://security.gentoo.org/glsa/202101-09
reference_id 202101-09
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:02:03Z/
url https://security.gentoo.org/glsa/202101-09
3
reference_url https://www.oracle.com/security-alerts/cpujan2020.html
reference_id cpujan2020.html
reference_type
scores
0
value 6.4
scoring_system cvssv3
scoring_elements CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:C/C:L/I:H/A:N
1
value Track
scoring_system ssvc
scoring_elements SSVCv2/E:N/A:N/T:P/P:M/B:A/M:M/D:T/2024-09-30T15:02:03Z/
url https://www.oracle.com/security-alerts/cpujan2020.html
fixed_packages
0
url pkg:ebuild/app-emulation/virtualbox@5.2.36
purl pkg:ebuild/app-emulation/virtualbox@5.2.36
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@5.2.36
1
url pkg:ebuild/app-emulation/virtualbox@6.0.24
purl pkg:ebuild/app-emulation/virtualbox@6.0.24
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.0.24
2
url pkg:ebuild/app-emulation/virtualbox@6.1.12
purl pkg:ebuild/app-emulation/virtualbox@6.1.12
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12
aliases CVE-2020-2678
risk_score null
exploitability null
weighted_severity null
resource_url http://public2.vulnerablecode.io/vulnerabilities/VCID-z9k8-jbb1-bqd3
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/packages/pkg:ebuild/app-emulation/virtualbox@6.1.12