python-virtualbox-5.1.10-2.5 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:10020-1 Final 1 1 2024-06-15T00:00:00Z current 2024-06-15T00:00:00Z 2024-06-15T00:00:00Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z python-virtualbox-5.1.10-2.5 on GA media These are all security issues fixed in the python-virtualbox-5.1.10-2.5 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-10020 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2014-0224/ SUSE CVE CVE-2014-0224 page https://www.suse.com/security/cve/CVE-2014-6588/ SUSE CVE CVE-2014-6588 page https://www.suse.com/security/cve/CVE-2014-6589/ SUSE CVE CVE-2014-6589 page https://www.suse.com/security/cve/CVE-2014-6590/ SUSE CVE CVE-2014-6590 page https://www.suse.com/security/cve/CVE-2014-6595/ SUSE CVE CVE-2014-6595 page https://www.suse.com/security/cve/CVE-2015-0377/ SUSE CVE CVE-2015-0377 page https://www.suse.com/security/cve/CVE-2015-0418/ SUSE CVE CVE-2015-0418 page https://www.suse.com/security/cve/CVE-2015-0427/ SUSE CVE CVE-2015-0427 page https://www.suse.com/security/cve/CVE-2015-3456/ SUSE CVE CVE-2015-3456 page https://www.suse.com/security/cve/CVE-2015-4813/ SUSE CVE CVE-2015-4813 page https://www.suse.com/security/cve/CVE-2015-4896/ SUSE CVE CVE-2015-4896 page https://www.suse.com/security/cve/CVE-2016-0678/ SUSE CVE CVE-2016-0678 page https://www.suse.com/security/cve/CVE-2016-5501/ SUSE CVE CVE-2016-5501 page https://www.suse.com/security/cve/CVE-2016-5538/ SUSE CVE CVE-2016-5538 page https://www.suse.com/security/cve/CVE-2016-5605/ SUSE CVE CVE-2016-5605 page https://www.suse.com/security/cve/CVE-2016-5608/ SUSE CVE CVE-2016-5608 page https://www.suse.com/security/cve/CVE-2016-5610/ SUSE CVE CVE-2016-5610 page https://www.suse.com/security/cve/CVE-2016-5611/ SUSE CVE CVE-2016-5611 page https://www.suse.com/security/cve/CVE-2016-561313/ SUSE CVE CVE-2016-561313 page openSUSE Tumbleweed python-virtualbox-5.1.10-2.5 virtualbox-5.1.10-2.5 virtualbox-devel-5.1.10-2.5 virtualbox-guest-desktop-icons-5.1.10-2.5 virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 virtualbox-guest-tools-5.1.10-2.5 virtualbox-guest-x11-5.1.10-2.5 virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 virtualbox-host-source-5.1.10-2.5 virtualbox-qt-5.1.10-2.5 virtualbox-websrv-5.1.10-2.5 python-virtualbox-5.1.10-2.5 as a component of openSUSE Tumbleweed virtualbox-5.1.10-2.5 as a component of openSUSE Tumbleweed virtualbox-devel-5.1.10-2.5 as a component of openSUSE Tumbleweed virtualbox-guest-desktop-icons-5.1.10-2.5 as a component of openSUSE Tumbleweed virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 as a component of openSUSE Tumbleweed virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 as a component of openSUSE Tumbleweed virtualbox-guest-tools-5.1.10-2.5 as a component of openSUSE Tumbleweed virtualbox-guest-x11-5.1.10-2.5 as a component of openSUSE Tumbleweed virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 as a component of openSUSE Tumbleweed virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 as a component of openSUSE Tumbleweed virtualbox-host-source-5.1.10-2.5 as a component of openSUSE Tumbleweed virtualbox-qt-5.1.10-2.5 as a component of openSUSE Tumbleweed virtualbox-websrv-5.1.10-2.5 as a component of openSUSE Tumbleweed OpenSSL before 0.9.8za, 1.0.0 before 1.0.0m, and 1.0.1 before 1.0.1h does not properly restrict processing of ChangeCipherSpec messages, which allows man-in-the-middle attackers to trigger use of a zero-length master key in certain OpenSSL-to-OpenSSL communications, and consequently hijack sessions or obtain sensitive information, via a crafted TLS handshake, aka the "CCS Injection" vulnerability. CVE-2014-0224 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 important 5.8 AV:N/AC:M/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-0224.html CVE-2014-0224 https://bugzilla.suse.com/1146657 SUSE Bug 1146657 https://bugzilla.suse.com/880891 SUSE Bug 880891 https://bugzilla.suse.com/881743 SUSE Bug 881743 https://bugzilla.suse.com/883126 SUSE Bug 883126 https://bugzilla.suse.com/885777 SUSE Bug 885777 https://bugzilla.suse.com/892403 SUSE Bug 892403 https://bugzilla.suse.com/901237 SUSE Bug 901237 https://bugzilla.suse.com/903703 SUSE Bug 903703 https://bugzilla.suse.com/905018 SUSE Bug 905018 https://bugzilla.suse.com/905106 SUSE Bug 905106 https://bugzilla.suse.com/914447 SUSE Bug 914447 https://bugzilla.suse.com/915913 SUSE Bug 915913 https://bugzilla.suse.com/916239 SUSE Bug 916239 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6589, CVE-2014-6590, CVE-2014-6595, and CVE-2015-0427. CVE-2014-6588 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 3.2 AV:L/AC:L/Au:S/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-6588.html CVE-2014-6588 https://bugzilla.suse.com/914447 SUSE Bug 914447 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6590, CVE-2014-6595, and CVE-2015-0427. CVE-2014-6589 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 3.2 AV:L/AC:L/Au:S/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-6589.html CVE-2014-6589 https://bugzilla.suse.com/914447 SUSE Bug 914447 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6595, and CVE-2015-0427. CVE-2014-6590 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 3.2 AV:L/AC:L/Au:S/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-6590.html CVE-2014-6590 https://bugzilla.suse.com/914447 SUSE Bug 914447 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6590, and CVE-2015-0427. CVE-2014-6595 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 3.2 AV:L/AC:L/Au:S/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2014-6595.html CVE-2014-6595 https://bugzilla.suse.com/914447 SUSE Bug 914447 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0418. CVE-2015-0377 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 4.4 AV:L/AC:M/Au:S/C:N/I:N/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-0377.html CVE-2015-0377 https://bugzilla.suse.com/914447 SUSE Bug 914447 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 3.2.26, 4.0.28, 4.1.36, and 4.2.28 allows local users to affect availability via unknown vectors related to Core, a different vulnerability than CVE-2015-0377. CVE-2015-0418 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-0418.html CVE-2015-0418 https://bugzilla.suse.com/914447 SUSE Bug 914447 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.3.20 allows local users to affect integrity and availability via vectors related to VMSVGA virtual graphics device, a different vulnerability than CVE-2014-6588, CVE-2014-6589, CVE-2014-6590, and CVE-2014-6595. CVE-2015-0427 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 3.2 AV:L/AC:L/Au:S/C:N/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-0427.html CVE-2015-0427 https://bugzilla.suse.com/914447 SUSE Bug 914447 The Floppy Disk Controller (FDC) in QEMU, as used in Xen 4.5.x and earlier and KVM, allows local guest users to cause a denial of service (out-of-bounds write and guest crash) or possibly execute arbitrary code via the (1) FD_CMD_READ_ID, (2) FD_CMD_DRIVE_SPECIFICATION_COMMAND, or other unspecified commands, aka VENOM. CVE-2015-3456 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 7.7 AV:A/AC:L/Au:S/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-3456.html CVE-2015-3456 https://bugzilla.suse.com/929339 SUSE Bug 929339 https://bugzilla.suse.com/932770 SUSE Bug 932770 https://bugzilla.suse.com/935900 SUSE Bug 935900 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox prior to 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when using a Windows guest, allows local users to affect availability via unknown vectors related to Core. CVE-2015-4813 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4813.html CVE-2015-4813 https://bugzilla.suse.com/951432 SUSE Bug 951432 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 4.0.34, 4.1.42, 4.2.34, 4.3.32, and 5.0.8, when a VM has the Remote Display feature (RDP) enabled, allows remote attackers to affect availability via unknown vectors related to Core. CVE-2015-4896 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 5 AV:N/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2015-4896.html CVE-2015-4896 https://bugzilla.suse.com/951432 SUSE Bug 951432 Unspecified vulnerability in the Oracle VM VirtualBox component in Oracle Virtualization VirtualBox before 5.0.18 allows local users to affect confidentiality, integrity, and availability via vectors related to Core. CVE-2016-0678 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 4.1 AV:L/AC:M/Au:S/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-0678.html CVE-2016-0678 https://bugzilla.suse.com/976636 SUSE Bug 976636 Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5538. CVE-2016-5501 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5501.html CVE-2016-5501 https://bugzilla.suse.com/1005621 SUSE Bug 1005621 Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core, a different vulnerability than CVE-2016-5501. CVE-2016-5538 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 7.2 AV:L/AC:L/Au:N/C:C/I:C/A:C To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5538.html CVE-2016-5538 https://bugzilla.suse.com/1005621 SUSE Bug 1005621 Unspecified vulnerability in the Oracle VM VirtualBox component before 5.1.4 in Oracle Virtualization allows remote attackers to affect confidentiality and integrity via vectors related to VRDE. CVE-2016-5605 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 6.4 AV:N/AC:L/Au:N/C:P/I:P/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5605.html CVE-2016-5605 https://bugzilla.suse.com/1005621 SUSE Bug 1005621 Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect availability via vectors related to Core, a different vulnerability than CVE-2016-5613. CVE-2016-5608 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 2.1 AV:L/AC:L/Au:N/C:N/I:N/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5608.html CVE-2016-5608 https://bugzilla.suse.com/1005621 SUSE Bug 1005621 Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality, integrity, and availability via vectors related to Core. CVE-2016-5610 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 4.6 AV:L/AC:L/Au:N/C:P/I:P/A:P To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5610.html CVE-2016-5610 https://bugzilla.suse.com/1005621 SUSE Bug 1005621 Unspecified vulnerability in the Oracle VM VirtualBox component before 5.0.28 and 5.1.x before 5.1.8 in Oracle Virtualization allows local users to affect confidentiality via vectors related to Core. CVE-2016-5611 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate 2.1 AV:L/AC:L/Au:N/C:P/I:N/A:N To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-5611.html CVE-2016-5611 https://bugzilla.suse.com/1005621 SUSE Bug 1005621 unknown CVE-2016-561313 openSUSE Tumbleweed:python-virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-devel-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-desktop-icons-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-guest-tools-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-guest-x11-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-default-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-kmp-pae-5.1.10_k4.8.13_1-2.5 openSUSE Tumbleweed:virtualbox-host-source-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-qt-5.1.10-2.5 openSUSE Tumbleweed:virtualbox-websrv-5.1.10-2.5 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2016-561313.html CVE-2016-561313 https://bugzilla.suse.com/1005621 SUSE Bug 1005621