13053 matches found
CVE-2023-5633
CVE-2023-5633 is documented in an IBM QRadar SIEM bulletin as a Linux Kernel use-after-free vulnerability: a memory-management flaw in handling memory objects for GEM objects can allow a local, authenticated attacker to gain elevated privileges within a VM with 3D acceleration (VMware guest). The...
CVE-2023-5633 Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user...
CVE-2023-5633 Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user...
CVE-2023-5633
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user...
CVE-2023-5633
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user...
The vulnerability of the VMware Aria Operations for Logs network log analysis tool, related to the restoration of unreliable data in memory, allows a perpetrator to escalate their privileges.
The vulnerability of the VMware Aria Operations for Logs network log analysis tool is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...
VMSA-2023-0023:VMware vCenter Server updates address out-of-bounds write and information disclosure vulnerabilities
Advisory ID: VMSA-2023-0023.1 CVSSv3 Range: 4.3-9.8 Issue Date:2023-10-25 Updated On: 2024-01-17 CVEs: CVE-2023-34048, CVE-2023-34056 Synopsis: VMware vCenter Server updates address out-of-bounds write and information disclosure vulnerabilities CVE-2023-34048, CVE-2023-34056 RSS Feed Download PDF...
Exploit for Incorrect Authorization in Vmware Aria_Operations_For_Logs
CVE-2023-34051 CVE-2023-34051 is an authentication bypass tha...
CVE-2023-34045
VMware Fusion13.x prior to 13.5 contains a local privilege escalation vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local non-administrative...
CVE-2023-34045
VMware Fusion13.x prior to 13.5 contains a local privilege escalation vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local non-administrative...
Privilege escalation
VMware Fusion13.x prior to 13.5 contains a local privilege escalation vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local non-administrative...
CVE-2023-34046
VMware Fusion13.x prior to 13.5 contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local...
CVE-2023-34044
VMware Workstation 17.x prior to 17.5 and Fusion13.x prior to 13.5 contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to...
CVE-2023-34046
VMware Fusion13.x prior to 13.5 contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local...
Code injection
VMware Fusion13.x prior to 13.5 contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local...
Out-of-bounds
VMware Workstation 17.x prior to 17.5 and Fusion13.x prior to 13.5 contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to...
CVE-2023-34045 VMware Fusion installer local privilege escalation
VMware Fusion13.x prior to 13.5 contains a local privilege escalation vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local non-administrative...
CVE-2023-34045 VMware Fusion installer local privilege escalation
VMware Fusion13.x prior to 13.5 contains a local privilege escalation vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local non-administrative...
CVE-2023-34045
CVE-2023-34045 affects VMware Fusion 13.x before 13.5, with a local privilege-escalation flaw that can be exploited during the first-time install or an upgrade (from the .dmg volume) to gain root privileges. The issue is addressed by VMware in Fusion 13.5 (per VMSA-2023-0022), which provides the ...
CVE-2023-34046 VMware Fusion TOCTOU local privilege escalation vulnerability
VMware Fusion13.x prior to 13.5 contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local...