Lucene search
K

13053 matches found

CVE
CVE
added 2024/03/05 5:58 p.m.236 views

CVE-2024-22255

CVE-2024-22255 is an information disclosure vulnerability in the UHCI USB controller affecting VMware ESXi, Workstation, and Fusion. A malicious actor with administrative access inside a guest VM can leak memory from the VMX process, potentially exposing sensitive data. The issue is documented wi...

7.1CVSS7.7AI score0.02311EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2024/03/05 5:58 p.m.17 views

CVE-2024-22254 Out-of-bounds write vulnerability

VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox...

7.9CVSS8AI score0.00501EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/05 5:58 p.m.18 views

CVE-2024-22254 Out-of-bounds write vulnerability

VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox...

7.9CVSS7AI score0.00501EPSS
Exploits0References1
CVE
CVE
added 2024/03/05 5:58 p.m.167 views

CVE-2024-22254

CVE-2024-22254 : VMware ESXi contains an out-of-bounds write vulnerability in the VMX sandbox process. A local, privileged attacker within a VMX context could trigger the write and escape the sandbox, potentially impacting the host. Public details confirm the issue affects ESXi (and related VMwar...

8.2CVSS8.6AI score0.00501EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2024/03/05 5:57 p.m.142 views

CVE-2024-22253

CVE-2024-22253 is a use-after-free in the UHCI USB controller affecting VMware ESXi, Workstation, and Fusion. A malicious actor with local VM admin privileges can exploit it to execute code as the VMX process on the host; on ESXi this is contained within the VMX sandbox, while Workstation/Fusion ...

9.3CVSS9.5AI score0.00645EPSS
Exploits0References1Affected Software3
Cvelist
Cvelist
added 2024/03/05 5:57 p.m.29 views

CVE-2024-22253 Use-after-free vulnerability

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

9.3CVSS9.7AI score0.00645EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/05 5:57 p.m.26 views

CVE-2024-22253 Use-after-free vulnerability

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

9.3CVSS7.7AI score0.00645EPSS
Exploits0References1
CVE
CVE
added 2024/03/05 5:57 p.m.180 views

CVE-2024-22252

Summary of CVE-2024-22252 : VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges inside a VM can exploit this to execute code as the VMX process on the host; on ESXi the effect is contained w...

9.3CVSS9.5AI score0.03542EPSS
Exploits0References1Affected Software2
Vulnrichment
Vulnrichment
added 2024/03/05 5:57 p.m.22 views

CVE-2024-22252 Use-after-free vulnerability

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

9.3CVSS7.7AI score0.03542EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/03/05 5:57 p.m.28 views

CVE-2024-22252 Use-after-free vulnerability

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

9.3CVSS9.7AI score0.03542EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.2 views

PT-2024-1976 · Vmware · Vmware Esxi +3

Name of the Vulnerable Software and Affected Versions: VMware ESXi affected versions not specified VMware Workstation affected versions not specified VMware Fusion affected versions not specified VMware Cloud Foundation affected versions not specified Description: The issue is related to an...

8.2CVSS8.1AI score0.00501EPSS
Exploits0References30
CNNVD
CNNVD
added 2024/03/05 12:0 a.m.4 views

VMware ESXi 安全漏洞

VMware ESXi is a server virtualization platform from VMware that can be installed directly on physical servers. An out-of-bounds write vulnerability exists in VMware ESXi, which can be exploited by a local attacker with administrative privileges to cause a sandbox escape...

8.2CVSS6.5AI score0.00501EPSS
Exploits0References2
VMware
VMware
added 2024/03/05 12:0 a.m.101 views

VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255)

3a. Use-after-free vulnerability in XHCI USB controller CVE-2024-22252 VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9...

4.6CVSS6.7AI score0.03542EPSS
Exploits0References17Affected Software4
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.2 views

PT-2024-1975 · Vmware · Vmware Esxi +2

Name of the Vulnerable Software and Affected Versions: VMware ESXi, Workstation, and Fusion affected versions not specified Description: The issue is related to an information disclosure vulnerability in the UHCI USB controller of the affected software. A malicious actor with administrative acces...

7.1CVSS7.4AI score0.02311EPSS
Exploits0References27
CNNVD
CNNVD
added 2024/03/05 12:0 a.m.16 views

VMware Security Vulnerabilities in Multiple Products

VMware ESXi is a server virtualization platform that can be installed directly on physical servers, VMware Workstation is a set of virtual machine software, and VMware Fusion is a set of virtual machine software designed to run Windows applications on Macs. VMware Fusion is a suite of virtual...

9.3CVSS6.8AI score0.03542EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.4 views

PT-2024-1973 · Vmware · Vmware Esxi +2

Name of the Vulnerable Software and Affected Versions: VMware ESXi, Workstation, and Fusion affected versions not specified Description: A use-after-free vulnerability in the XHCI USB controller of VMware products allows a malicious actor with local administrative privileges on a virtual machine ...

9.3CVSS9.3AI score0.03542EPSS
Exploits0References40
Tenable Nessus
Tenable Nessus
added 2024/03/05 12:0 a.m.30 views

VMware Fusion 13.0.x < 13.5.1 Multiple Vulnerabilities (VMSA-2024-0006)

The version of VMware Fusion installed on the remote macOS or Mac OS X host is 13.0.x prior to 13.5.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number...

9.3CVSS8.3AI score0.03542EPSS
Exploits0References5
Kaspersky
Kaspersky
added 2024/03/05 12:0 a.m.27 views

KLA64773 Multiple vulnerabilities in VMware Workstation

Multiple vulnerabilities were found in VMware Workstation. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in UHCI USB controller can be exploited to execute...

9.3CVSS9.5AI score0.03542EPSS
Exploits0References3
CNNVD
CNNVD
added 2024/03/05 12:0 a.m.6 views

VMware Security Vulnerabilities in Multiple Products

VMware ESXi is a server virtualization platform that can be installed directly on physical servers, VMware Workstation is a set of virtual machine software, and VMware Fusion is a set of virtual machine software designed to run Windows applications on Macs. VMware Fusion is a suite of virtual...

9.3CVSS6.8AI score0.00645EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.3 views

PT-2024-1974 · Vmware · Vmware Esxi +2

Name of the Vulnerable Software and Affected Versions: VMware ESXi, Workstation, and Fusion affected versions not specified Description: The issue is related to a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine m...

9.3CVSS9.3AI score0.00645EPSS
Exploits0References33
Rows per page
Query Builder