Lucene search
K

13053 matches found

CISA
CISA
added 2024/03/06 12:0 p.m.5 views

VMware Releases Security Advisory for Multiple Products

VMware released a security advisory to address multiple vulnerabilities in ESXi, Workstation, Fusion, and Cloud Foundation. A cyber threat actor could exploit one of these vulnerabilities to take control of an affected system. CISA encourages users and administrators to review the following VMwar...

7.6AI score
Exploits0References1
The Hacker News
The Hacker News
added 2024/03/06 7:20 a.m.51 views

VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws

VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB...

9.3CVSS7.9AI score0.03542EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/03/06 12:0 a.m.5 views

The vulnerability of the UHCI controller in VMware ESXi, Workstation, Fusion, and Cloud Foundation software products allows attackers to compromise protected information.

The vulnerability of the UHCI-based USB controller in VMware ESXi, Workstation, Fusion, and Cloud Foundation software products is related to the lack of protection for service data. Exploiting this vulnerability can allow attackers to disclose sensitive information that should be protected...

7.1CVSS7.6AI score0.02311EPSS
Exploits0References3Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/03/06 12:0 a.m.6 views

The vulnerability of the UHCI controller in VMware ESXi, Workstation, Fusion, and Cloud Foundation software allows a attacker to execute arbitrary code.

The vulnerability of the UHCI-based USB controller in VMware ESXi, Workstation, Fusion, and Cloud Foundation software products is related to the possibility of exploiting memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

8.4CVSS8.4AI score0.00645EPSS
Exploits0References4Affected Software2
NCSC
NCSC
added 2024/03/06 12:0 a.m.5 views

Vulnerabilities fixed in VMware products

VMware has fixed several vulnerabilities in VMware ESXI, VMware Workstation and VMware Fusion. A malicious person with local administrator rights in a virtual machine can exploit the vulnerabilities to execute code - with the rights of the application - execute code on the system on which the...

9.3CVSS7.5AI score0.03542EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2024/03/06 12:0 a.m.18 views

The vulnerability of VMware ESXi, Workstation, Fusion, and Cloud Foundation software lies in the ability to write beyond the buffer boundaries, allowing attackers to increase their privileges.

The vulnerabilities of VMware ESXi, Workstation, Fusion, and Cloud Foundation software are related to writing beyond the buffer boundaries. Exploiting these vulnerabilities can allow attackers to gain increased privileges...

7.9CVSS8.1AI score0.00501EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2024/03/06 12:0 a.m.6 views

The vulnerability of USB controllers in VMware ESXi, Workstation, Fusion, and Cloud Foundation software allows a hacker to execute arbitrary code.

The vulnerability of USB controllers in VMware ESXi, Workstation, Fusion, and Cloud Foundation software products lies in the possibility of exploiting memory after it is freed. Exploiting this vulnerability can allow an attacker to execute arbitrary code...

9.3CVSS8.4AI score0.03542EPSS
Exploits0References4Affected Software2
NVD
NVD
added 2024/03/05 6:15 p.m.11 views

CVE-2024-22254

VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox...

8.2CVSS8.7AI score0.00501EPSS
Exploits0References1
NVD
NVD
added 2024/03/05 6:15 p.m.11 views

CVE-2024-22255

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process...

7.1CVSS7.7AI score0.02311EPSS
Exploits0References1
OSV
OSV
added 2024/03/05 6:15 p.m.4 views

CVE-2024-22255

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process...

7.1CVSS7.3AI score0.02311EPSS
Exploits0References1
OSV
OSV
added 2024/03/05 6:15 p.m.3 views

CVE-2024-22254

VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox...

8.2CVSS7.5AI score0.00501EPSS
Exploits0References1
NVD
NVD
added 2024/03/05 6:15 p.m.16 views

CVE-2024-22253

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

9.3CVSS9.5AI score0.00645EPSS
Exploits0References1
NVD
NVD
added 2024/03/05 6:15 p.m.20 views

CVE-2024-22252

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

9.3CVSS9.5AI score0.03542EPSS
Exploits0References1
OSV
OSV
added 2024/03/05 6:15 p.m.4 views

CVE-2024-22253

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

6.7CVSS7.7AI score0.00645EPSS
Exploits0References1
Prion
Prion
added 2024/03/05 6:15 p.m.19 views

Design/Logic Flaw

VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox...

2.9CVSS6.9AI score0.00501EPSS
Exploits0References1
Prion
Prion
added 2024/03/05 6:15 p.m.12 views

Double free

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

4.6CVSS7.5AI score0.03542EPSS
Exploits0References1
Prion
Prion
added 2024/03/05 6:15 p.m.20 views

Information disclosure

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process...

2.1CVSS6.2AI score0.02311EPSS
Exploits0References1
Prion
Prion
added 2024/03/05 6:15 p.m.16 views

Double free

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

4.6CVSS7.5AI score0.00645EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/05 5:58 p.m.18 views

CVE-2024-22255 Information disclosure vulnerability

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process...

7.1CVSS6.3AI score0.02311EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/05 5:58 p.m.24 views

CVE-2024-22255 Information disclosure vulnerability

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process...

7.1CVSS7.3AI score0.02311EPSS
Exploits0References1
Rows per page
Query Builder