13053 matches found
CVE-2024-22255
CVE-2024-22255 is an information disclosure vulnerability in the UHCI USB controller affecting VMware ESXi, Workstation, and Fusion. A malicious actor with administrative access inside a guest VM can leak memory from the VMX process, potentially exposing sensitive data. The issue is documented wi...
CVE-2024-22254 Out-of-bounds write vulnerability
VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox...
CVE-2024-22254 Out-of-bounds write vulnerability
VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox...
CVE-2024-22254
CVE-2024-22254 : VMware ESXi contains an out-of-bounds write vulnerability in the VMX sandbox process. A local, privileged attacker within a VMX context could trigger the write and escape the sandbox, potentially impacting the host. Public details confirm the issue affects ESXi (and related VMwar...
CVE-2024-22253
CVE-2024-22253 is a use-after-free in the UHCI USB controller affecting VMware ESXi, Workstation, and Fusion. A malicious actor with local VM admin privileges can exploit it to execute code as the VMX process on the host; on ESXi this is contained within the VMX sandbox, while Workstation/Fusion ...
CVE-2024-22253 Use-after-free vulnerability
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...
CVE-2024-22253 Use-after-free vulnerability
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...
CVE-2024-22252
Summary of CVE-2024-22252 : VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges inside a VM can exploit this to execute code as the VMX process on the host; on ESXi the effect is contained w...
CVE-2024-22252 Use-after-free vulnerability
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...
CVE-2024-22252 Use-after-free vulnerability
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...
PT-2024-1976 · Vmware · Vmware Esxi +3
Name of the Vulnerable Software and Affected Versions: VMware ESXi affected versions not specified VMware Workstation affected versions not specified VMware Fusion affected versions not specified VMware Cloud Foundation affected versions not specified Description: The issue is related to an...
VMware ESXi 安全漏洞
VMware ESXi is a server virtualization platform from VMware that can be installed directly on physical servers. An out-of-bounds write vulnerability exists in VMware ESXi, which can be exploited by a local attacker with administrative privileges to cause a sandbox escape...
VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255)
3a. Use-after-free vulnerability in XHCI USB controller CVE-2024-22252 VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9...
PT-2024-1975 · Vmware · Vmware Esxi +2
Name of the Vulnerable Software and Affected Versions: VMware ESXi, Workstation, and Fusion affected versions not specified Description: The issue is related to an information disclosure vulnerability in the UHCI USB controller of the affected software. A malicious actor with administrative acces...
VMware Security Vulnerabilities in Multiple Products
VMware ESXi is a server virtualization platform that can be installed directly on physical servers, VMware Workstation is a set of virtual machine software, and VMware Fusion is a set of virtual machine software designed to run Windows applications on Macs. VMware Fusion is a suite of virtual...
PT-2024-1973 · Vmware · Vmware Esxi +2
Name of the Vulnerable Software and Affected Versions: VMware ESXi, Workstation, and Fusion affected versions not specified Description: A use-after-free vulnerability in the XHCI USB controller of VMware products allows a malicious actor with local administrative privileges on a virtual machine ...
VMware Fusion 13.0.x < 13.5.1 Multiple Vulnerabilities (VMSA-2024-0006)
The version of VMware Fusion installed on the remote macOS or Mac OS X host is 13.0.x prior to 13.5.1. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number...
KLA64773 Multiple vulnerabilities in VMware Workstation
Multiple vulnerabilities were found in VMware Workstation. Malicious users can exploit these vulnerabilities to execute arbitrary code, obtain sensitive information. Below is a complete list of vulnerabilities: 1. Use after free vulnerability in UHCI USB controller can be exploited to execute...
VMware Security Vulnerabilities in Multiple Products
VMware ESXi is a server virtualization platform that can be installed directly on physical servers, VMware Workstation is a set of virtual machine software, and VMware Fusion is a set of virtual machine software designed to run Windows applications on Macs. VMware Fusion is a suite of virtual...
PT-2024-1974 · Vmware · Vmware Esxi +2
Name of the Vulnerable Software and Affected Versions: VMware ESXi, Workstation, and Fusion affected versions not specified Description: The issue is related to a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine m...