VDB
GCVE-110-MAGEIA-2025-27
GCVE-110-MAGEIA-2025-27
Advisory Published
Vulnerability in the Oracle VM VirtualBox product of Oracle
Virtualization (component: Core). Supported versions that are affected
are Prior to 7.0.24 and prior to 7.1.6. Easily exploitable vulnerability
allows high privileged attacker with logon to the infrastructure where
Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While
the vulnerability is in Oracle VM VirtualBox, attacks may significantly
impact additional products (scope change). Successful attacks of this
vulnerability can result in unauthorized creation, deletion or
modification access to critical data or all Oracle VM VirtualBox
accessible data as well as unauthorized read access to a subset of
Oracle VM VirtualBox accessible data and unauthorized ability to cause a
partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS
3.1 Base Score 7.3 (Confidentiality, Integrity and Availability
impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:L/I:H/A:L)
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | virtualbox | 0 (affected), 7.0.24-1.mga9 (unaffected), 7.0.24-1.mga9 (unaffected), 0 (affected) | — |
| Mageia | kmod-virtualbox | 0 (affected), 0 (affected), 7.0.24-63.mga9 (unaffected), 7.0.24-63.mga9 (unaffected) | — |
| Mageia | tor | 0.4.7.13-1.1.mga9 (unaffected), 0 (affected) | — |
Aliases
References
Updated tor package fix bug
advisory
Browse GCVE Records
73,866 records in the GCVE database · Updated July 19, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.