CVE-2022-39423

MEDIUM Year: 2022
CVSS v3 Score
6.0
Medium
Weakness Type
NVD-CWE-Other
View all →

Vulnerability Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 6.1.38. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data. CVSS 3.1 Base Score 6.0 (Confidentiality impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:N/A:N).

Related Vulnerabilities

CVE-2015-2890

MEDIUM
CVSS:6.0(Medium)

The BIOS implementation on Dell Latitude, OptiPlex, Precision Mobile Workstation, and Precision Workstation Client Solutions (CS) devices with model-dependent firmware before A21 does not enforce a BI...

NVD-CWE-Other2015

CVE-2016-0669

MEDIUM
CVSS:6.0(Medium)

Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect integrity and availability via vectors related to Fwflash.

NVD-CWE-Other2016

CVE-2016-0697

MEDIUM
CVSS:6.0(Medium)

Unspecified vulnerability in the Oracle Application Object Library component in Oracle E-Business Suite 12.1.3, 12.2.3, 12.2.4, and 12.2.5 allows local users to affect confidentiality and integrity vi...

NVD-CWE-Other2016

CVE-2016-4964

MEDIUM
CVSS:6.0(Medium)

The mptsas_fetch_requests function in hw/scsi/mptsas.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (infinite loop, and CPU consumption or QEMU proces...

NVD-CWE-Other2016

CVE-2016-5516

MEDIUM
CVSS:6.0(Medium)

Unspecified vulnerability in the Kernel PDB component in Oracle Database Server 12.1.0.2 allows local users to affect availability via unknown vectors.

NVD-CWE-Other2016

CVE-2016-6835

MEDIUM
CVSS:6.0(Medium)

The vmxnet_tx_pkt_parse_headers function in hw/net/vmxnet_tx_pkt.c in QEMU (aka Quick Emulator) allows local guest OS administrators to cause a denial of service (buffer over-read) by leveraging failu...

NVD-CWE-Other2016