all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

ZDI-24-415: (Pwn2Own) Oracle VirtualBox E1000 Uninitialized Memory Information Disclosure Vulnerability

Add to bookmarks
April 26, 2024, 5 a.m. |

ZDI: Published Advisories www.zerodayinitiative.com

This vulnerability allows local attackers to disclose sensitive information on affected installations of Oracle VirtualBox. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The ZDI has assigned a CVSS rating of 6.0. The following CVEs are assigned: CVE-2024-21113.

attacker attackers code cves cvss disclosure exploit high information information disclosure information disclosure vulnerability local memory oracle oracle virtualbox order privileged pwn2own rating sensitive sensitive information system target virtualbox vulnerability zdi

Visit resource

More from www.zerodayinitiative.com / ZDI: Published Advisories

ZDI-24-427: Adobe Acrobat Reader DC AcroForm Out-Of-Bounds Read Remote Code Execution Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +17
ZDI-24-426: Adobe Acrobat Reader DC AcroForm Use-After-Free Information Disclosure Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +19
ZDI-24-425: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-424: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-423: Adobe Acrobat Reader DC AcroForm Use-After-Free Remote Code Execution Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-422: Adobe Acrobat Reader DC Annotation Use-After-Free Remote Code Execution Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
acrobat acrobat reader adobe adobe acrobat +18
ZDI-24-421: SonicWALL GMS Virtual Appliance ECMClientAuthenticator Hard-Coded Credential Authentication Bypass Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
attackers authentication authentication bypass bypass +14
ZDI-24-420: SonicWALL GMS Virtual Appliance ECMPolicy XML External Entity Processing Information Disclosure Vulnerability 1 day, 4 hours ago | www.zerodayinitiative.com
attackers authentication can cve +19
ZDI-24-419: (Pwn2Own) Xiaomi Pro 13 GetApps integral-dialog-page Cross-Site Scripting Remote Code Execution Vulnerability 1 week ago | www.zerodayinitiative.com
arbitrary code attackers code code execution +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Technical Product Manager, Electronic Warfare - Active Clearance

@ Anduril | Costa Mesa, California, United States
View on infosec-jobs.com

Specialist Operations and Support/ Entry Professional - IT Security, Cyber Security & Governance

@ Norsk Hydro | Jaipur, IN
View on infosec-jobs.com

Embedded Software Engineer, Electronic Warfare

@ Anduril | Costa Mesa, California, United States
View on infosec-jobs.com

Cyber Security Analyst

@ Peraton | Chantilly, VA, United States
View on infosec-jobs.com

Principal Consultant, Proactive Security - Unit 42

@ Palo Alto Networks | Sydney, Australia
View on infosec-jobs.com

Penetration Tester Consultant

@ RSI Security | United States - Remote
View on infosec-jobs.com
View more jobs