Showing 1 - 4 of 4

CVE-2020-2693

Status Candidate

Overview

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:N/A:N).

Related Files

Gentoo Linux Security Advisory 202101-35: Posted Jan 28, 2021; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 202101-35 - Multiple vulnerabilities have been found in phpMyAdmin, allowing remote attackers to conduct XSS. Versions less than 4.9.6:4.9.6 are affected.; tags | advisory, remote, vulnerability; systems | linux, gentoo; advisories | CVE-2020-26934, CVE-2020-26935; SHA-256 | a00d282583eadfe791d654d1c397ac8815321e7719d32ddd9a847d3f7a0b1fe4; Download | Favorite | View

Debian Security Advisory 4818-1: Posted Dec 28, 2020; Authored by Debian | Site debian.org; Debian Linux Security Advisory 4818-1 - Several vulnerabilities were discovered in Sympa, a mailing list manager, which could result in local privilege escalation, denial of service or unauthorized access via the SOAP API.; tags | advisory, denial of service, local, vulnerability; systems | linux, debian; advisories | CVE-2020-10936, CVE-2020-26932, CVE-2020-29668, CVE-2020-9369; SHA-256 | b5e2af845768d3755cb9be263eef29650e1f5a4b75aef651239c12da54242c22; Download | Favorite | View

Ubuntu Security Notice USN-4639-1: Posted Nov 20, 2020; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 4639-1 - It was discovered that there was a bug in the way phpMyAdmin handles the phpMyAdmin Configuration Storage tables. An authenticated attacker could use this vulnerability to cause phpmyAdmin to leak sensitive files. It was discovered that phpMyAdmin incorrectly handled user input. An attacker could possibly use this for an XSS attack. It was discovered that phpMyAdmin mishandled certain input. An attacker could use this vulnerability to execute a cross-site scripting attack via a crafted URL. Various other issues were also addressed.; tags | advisory, xss; systems | linux, ubuntu; advisories | CVE-2018-19968, CVE-2018-19970, CVE-2018-7260, CVE-2019-11768, CVE-2019-12616, CVE-2019-6799, CVE-2020-10802, CVE-2020-10803, CVE-2020-26934, CVE-2020-26935, CVE-2020-5504; SHA-256 | 0779e7fa341ac78947934c261f4952b8924a503204b0c78b2229b84b8e1cf6f8; Download | Favorite | View