Django REST framework

Vulnerability Instance

Lookup for vulnerabilities affecting packages.

Vulnerability_idVCID-ya37-anz7-jbea
SummaryVulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 7.0.16. Easily exploitable vulnerability allows low privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. Note: This vulnerability applies to Windows hosts only. CVSS 3.1 Base Score 7.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
Aliases
0
alias CVE-2024-21111
Fixed_packages
0
url pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
purl pkg:deb/debian/virtualbox@7.0.16-dfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.0.16-dfsg-1%3Fdistro=sid
1
url pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
purl pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-3.2%3Fdistro=sid
2
url pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
purl pkg:deb/debian/virtualbox@7.2.6-dfsg-4?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.6-dfsg-4%3Fdistro=sid
3
url pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid
purl pkg:deb/debian/virtualbox@7.2.8-dfsg-1?distro=sid
is_vulnerable false
affected_by_vulnerabilities
resource_url http://public2.vulnerablecode.io/packages/pkg:deb/debian/virtualbox@7.2.8-dfsg-1%3Fdistro=sid
Affected_packages
References
0
reference_url https://api.first.org/data/v1/epss?cve=CVE-2024-21111
reference_id
reference_type
scores
0
value 0.09561
scoring_system epss
scoring_elements 0.92885
published_at 2026-04-26T12:55:00Z
1
value 0.09561
scoring_system epss
scoring_elements 0.9288
published_at 2026-04-29T12:55:00Z
2
value 0.09561
scoring_system epss
scoring_elements 0.92841
published_at 2026-04-02T12:55:00Z
3
value 0.09561
scoring_system epss
scoring_elements 0.92845
published_at 2026-04-04T12:55:00Z
4
value 0.09561
scoring_system epss
scoring_elements 0.92843
published_at 2026-04-07T12:55:00Z
5
value 0.09561
scoring_system epss
scoring_elements 0.92852
published_at 2026-04-08T12:55:00Z
6
value 0.09561
scoring_system epss
scoring_elements 0.92855
published_at 2026-04-09T12:55:00Z
7
value 0.09561
scoring_system epss
scoring_elements 0.9286
published_at 2026-04-13T12:55:00Z
8
value 0.09561
scoring_system epss
scoring_elements 0.9287
published_at 2026-04-16T12:55:00Z
9
value 0.09561
scoring_system epss
scoring_elements 0.92871
published_at 2026-04-18T12:55:00Z
10
value 0.09561
scoring_system epss
scoring_elements 0.92876
published_at 2026-04-21T12:55:00Z
11
value 0.09561
scoring_system epss
scoring_elements 0.92882
published_at 2026-04-24T12:55:00Z
12
value 0.11116
scoring_system epss
scoring_elements 0.93546
published_at 2026-05-14T12:55:00Z
13
value 0.11116
scoring_system epss
scoring_elements 0.93528
published_at 2026-05-11T12:55:00Z
14
value 0.11116
scoring_system epss
scoring_elements 0.93534
published_at 2026-05-12T12:55:00Z
15
value 0.11116
scoring_system epss
scoring_elements 0.93504
published_at 2026-05-05T12:55:00Z
16
value 0.11116
scoring_system epss
scoring_elements 0.93517
published_at 2026-05-07T12:55:00Z
url https://api.first.org/data/v1/epss?cve=CVE-2024-21111
1
reference_url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:*:*:*:*:*:*:*
reference_id cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:*:*:*:*:*:*:*
reference_type
scores
url https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:vm_virtualbox:prior_to_7.0.16:*:*:*:*:*:*:*
2
reference_url https://www.oracle.com/security-alerts/cpuapr2024.html
reference_id cpuapr2024.html
reference_type
scores
0
value 7.8
scoring_system cvssv3.1
scoring_elements CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
1
value Track*
scoring_system ssvc
scoring_elements SSVCv2/E:P/A:N/T:T/P:M/B:A/M:M/D:R/2024-04-30T04:00:07Z/
url https://www.oracle.com/security-alerts/cpuapr2024.html
3
reference_url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/52287.C++
reference_id CVE-2024-21111
reference_type exploit
scores
url https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/local/52287.C++
Weaknesses
Exploits
0
date_added 2025-05-09
description VirtualBox 7.0.16 - Privilege Escalation
required_action null
due_date null
notes null
known_ransomware_campaign_use false
source_date_published 2025-05-09
exploit_type local
platform windows
source_date_updated 2025-05-09
data_source Exploit-DB
source_url
Severity_range_score7.8 - 7.8
Exploitabilitynull
Weighted_severitynull
Risk_scorenull
Resource_urlhttp://public2.vulnerablecode.io/vulnerabilities/VCID-ya37-anz7-jbea