2019
FreeBSD Bhyve - CVE-2019-5609 - OOB write or uninitialized pointer access in e1000 device
FreeBSD Bhyve - CVE-2019-5604 - OOB read in XHCI device
Oracle VirtualBox - CVE-2019-2553 - Directory traversal vulnerability in TFTP server
Oracle VirtualBox - CVE-2019-2552 - Heap overflow due to incorrect validation of TFTP blocksize option
2018
FreeBSD Bhyve - CVE-2018-17160 - Firmware configuration device OOB write
FreeBSD BOOTP - CVE-2018-17161- Stack buffer overflow in BOOTP server
Oracle VirtualBox - CVE-2018-2844 - Compiler optimization introduced double fetch in VBVA
Oracle VirtualBox - CVE-2018-2842 - Integer overflow in VDMA vboxVDMACmdCheckCrCmd
Oracle VirtualBox - CVE-2018-2845 - Integer overflow in VDMA vboxVDMACrCmdVbvaPagingFill
Oracle VirtualBox - CVE-2018-2843 - OOB write in HGSMI hgsmiChannelHandler
Oracle VirtualBox - CVE-2018-2676 - Integer overflow in HGCM
Hewlett Packard Enterprise - CVE-2018-7112 - Information disclosure in cpqsysio.sys driver
2017
QEMU - CVE-2017-11434 - OOB read in DHCP options and vendor extensions parsing
Oracle VirtualBox - CVE-2017-10233 - Buffer overflow in VirtualKD debugger device
Oracle VirtualBox - CVE-2017-10428 - Uninitialized memory disclosure in Pluggable Device Manager (PDM)
Oracle VirtualBox - CVE-2017-10210 - VMSVGA integer overflow while validating numMipLevels in vmsvga3dSurfaceDefine
Oracle VirtualBox - CVE-2017-10236 - VMSVGA paMipLevelSizes not validated in vmsvga3dSurfaceDefine
Oracle VirtualBox - CVE-2017-10240, CVE-2017-10408 - VMSVGA integer overflows in vmsvga3dSurfaceDMA
Oracle VirtualBox - CVE-2017-10239, CVE-2017-10407 - VMSVGA integer overflows in vmsvgaGMRTransfer
Oracle VirtualBox - CVE-2017-10392 - VMSVGA memory corruption in SVGA_CMD_DEFINE_CURSOR
2016
Oracle VirtualBox - CVE-2016-5610 - Heap overflow vulnerability in NAT DHCP server
Oracle VirtualBox - CVE-2016-5611 - OOB read vulnerability in NAT DHCP server
Oracle VirtualBox - CVE-2016-5608 - Incomplete patch for CVE-2016-3597
Oracle VirtualBox - CVE-2016-3597 - Lack of restriction in USB filters leading to kernel memory exhaustion
Apple Keynote - CVE-2016-7672 - OOB read in accessing object array leading to code execution
OpenSLP - CVE-2016-7567 - Wild copy in memcpy call of SLPFoldWhiteSpace function due to invalid size calculation
2014
Linux Kernel - CVE-2014-9585 - Improper randomization of vDSO leading to ASLR bypass in Linux kernel prior to 3.18.2
Apple Safari - CVE-2014-1349 - Use-after-free when handling invalid URLs in Apple iOS Safari
FreeBSD Bhyve - CVE-2019-5609 - OOB write or uninitialized pointer access in e1000 device
FreeBSD Bhyve - CVE-2019-5604 - OOB read in XHCI device
Oracle VirtualBox - CVE-2019-2553 - Directory traversal vulnerability in TFTP server
Oracle VirtualBox - CVE-2019-2552 - Heap overflow due to incorrect validation of TFTP blocksize option
2018
FreeBSD Bhyve - CVE-2018-17160 - Firmware configuration device OOB write
FreeBSD BOOTP - CVE-2018-17161- Stack buffer overflow in BOOTP server
Oracle VirtualBox - CVE-2018-2844 - Compiler optimization introduced double fetch in VBVA
Oracle VirtualBox - CVE-2018-2842 - Integer overflow in VDMA vboxVDMACmdCheckCrCmd
Oracle VirtualBox - CVE-2018-2845 - Integer overflow in VDMA vboxVDMACrCmdVbvaPagingFill
Oracle VirtualBox - CVE-2018-2843 - OOB write in HGSMI hgsmiChannelHandler
Oracle VirtualBox - CVE-2018-2676 - Integer overflow in HGCM
Hewlett Packard Enterprise - CVE-2018-7112 - Information disclosure in cpqsysio.sys driver
2017
QEMU - CVE-2017-11434 - OOB read in DHCP options and vendor extensions parsing
Oracle VirtualBox - CVE-2017-10233 - Buffer overflow in VirtualKD debugger device
Oracle VirtualBox - CVE-2017-10428 - Uninitialized memory disclosure in Pluggable Device Manager (PDM)
Oracle VirtualBox - CVE-2017-10210 - VMSVGA integer overflow while validating numMipLevels in vmsvga3dSurfaceDefine
Oracle VirtualBox - CVE-2017-10236 - VMSVGA paMipLevelSizes not validated in vmsvga3dSurfaceDefine
Oracle VirtualBox - CVE-2017-10240, CVE-2017-10408 - VMSVGA integer overflows in vmsvga3dSurfaceDMA
Oracle VirtualBox - CVE-2017-10239, CVE-2017-10407 - VMSVGA integer overflows in vmsvgaGMRTransfer
Oracle VirtualBox - CVE-2017-10392 - VMSVGA memory corruption in SVGA_CMD_DEFINE_CURSOR
2016
Oracle VirtualBox - CVE-2016-5610 - Heap overflow vulnerability in NAT DHCP server
Oracle VirtualBox - CVE-2016-5611 - OOB read vulnerability in NAT DHCP server
Oracle VirtualBox - CVE-2016-5608 - Incomplete patch for CVE-2016-3597
Oracle VirtualBox - CVE-2016-3597 - Lack of restriction in USB filters leading to kernel memory exhaustion
Apple Keynote - CVE-2016-7672 - OOB read in accessing object array leading to code execution
OpenSLP - CVE-2016-7567 - Wild copy in memcpy call of SLPFoldWhiteSpace function due to invalid size calculation
2014
Linux Kernel - CVE-2014-9585 - Improper randomization of vDSO leading to ASLR bypass in Linux kernel prior to 3.18.2
Apple Safari - CVE-2014-1349 - Use-after-free when handling invalid URLs in Apple iOS Safari