Lucene search
K

13053 matches found

CVE
CVE
added 2023/10/23 9:58 p.m.282 views

CVE-2023-5633

CVE-2023-5633 is documented in an IBM QRadar SIEM bulletin as a Linux Kernel use-after-free vulnerability: a memory-management flaw in handling memory objects for GEM objects can allow a local, authenticated attacker to gain elevated privileges within a VM with 3D acceleration (VMware guest). The...

7.8CVSS6.8AI score0.00282EPSS
Exploits0References8Affected Software1
Cvelist
Cvelist
added 2023/10/23 9:58 p.m.41 views

CVE-2023-5633 Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling

The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user...

7.8CVSS7.4AI score0.00282EPSS
Exploits0References8
Vulnrichment
Vulnrichment
added 2023/10/23 9:58 p.m.33 views

CVE-2023-5633 Kernel: vmwgfx: reference count issue leads to use-after-free in surface handling

The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user...

7.8CVSS6.7AI score0.00282EPSS
Exploits0References8
Debian CVE
Debian CVE
added 2023/10/23 9:58 p.m.48 views

CVE-2023-5633

The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user...

7.8CVSS7.9AI score0.00282EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2023/10/23 2:1 p.m.48 views

CVE-2023-5633

The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user...

7.8CVSS6.5AI score0.00461EPSS
Exploits0References3
BDU FSTEC
BDU FSTEC
added 2023/10/23 12:0 a.m.6 views

The vulnerability of the VMware Aria Operations for Logs network log analysis tool, related to the restoration of unreliable data in memory, allows a perpetrator to escalate their privileges.

The vulnerability of the VMware Aria Operations for Logs network log analysis tool is related to the restoration of unreliable data in memory. Exploiting this vulnerability can allow a malicious actor to gain increased privileges remotely...

8.1CVSS7.1AI score0.00204EPSS
Exploits0References3Affected Software1
VMware
VMware
added 2023/10/23 12:0 a.m.102 views

VMSA-2023-0023:VMware vCenter Server updates address out-of-bounds write and information disclosure vulnerabilities

Advisory ID: VMSA-2023-0023.1 CVSSv3 Range: 4.3-9.8 Issue Date:2023-10-25 Updated On: 2024-01-17 CVEs: CVE-2023-34048, CVE-2023-34056 Synopsis: VMware vCenter Server updates address out-of-bounds write and information disclosure vulnerabilities CVE-2023-34048, CVE-2023-34056 RSS Feed Download PDF...

9.8CVSS8.1AI score0.99428EPSS
Exploits1References27Affected Software2
GithubExploit
GithubExploit
added 2023/10/20 2:59 p.m.279 views

Exploit for Incorrect Authorization in Vmware Aria_Operations_For_Logs

CVE-2023-34051 CVE-2023-34051 is an authentication bypass tha...

9.8CVSS8.1AI score0.87077EPSS
Exploits3
NVD
NVD
added 2023/10/20 10:15 a.m.20 views

CVE-2023-34045

VMware Fusion13.x prior to 13.5 contains a local privilege escalation vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local non-administrative...

7.8CVSS7.2AI score0.00163EPSS
Exploits0References1
OSV
OSV
added 2023/10/20 10:15 a.m.4 views

CVE-2023-34045

VMware Fusion13.x prior to 13.5 contains a local privilege escalation vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local non-administrative...

7.8CVSS5.8AI score0.00163EPSS
Exploits0References1
Prion
Prion
added 2023/10/20 10:15 a.m.22 views

Privilege escalation

VMware Fusion13.x prior to 13.5 contains a local privilege escalation vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local non-administrative...

4.3CVSS7.8AI score0.00163EPSS
Exploits0References1Affected Software1
OSV
OSV
added 2023/10/20 9:15 a.m.5 views

CVE-2023-34046

VMware Fusion13.x prior to 13.5 contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local...

7CVSS5.8AI score0.00128EPSS
Exploits0References1
NVD
NVD
added 2023/10/20 9:15 a.m.21 views

CVE-2023-34044

VMware Workstation 17.x prior to 17.5 and Fusion13.x prior to 13.5 contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to...

7.1CVSS6.6AI score0.00204EPSS
Exploits0References1
NVD
NVD
added 2023/10/20 9:15 a.m.14 views

CVE-2023-34046

VMware Fusion13.x prior to 13.5 contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local...

7CVSS6.8AI score0.00128EPSS
Exploits0References1
Prion
Prion
added 2023/10/20 9:15 a.m.18 views

Code injection

VMware Fusion13.x prior to 13.5 contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local...

3.5CVSS7.1AI score0.00128EPSS
Exploits0References1Affected Software1
Prion
Prion
added 2023/10/20 9:15 a.m.16 views

Out-of-bounds

VMware Workstation 17.x prior to 17.5 and Fusion13.x prior to 13.5 contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to...

1.4CVSS5.7AI score0.00204EPSS
Exploits0References1Affected Software2
Cvelist
Cvelist
added 2023/10/20 9:0 a.m.33 views

CVE-2023-34045 VMware Fusion installer local privilege escalation

VMware Fusion13.x prior to 13.5 contains a local privilege escalation vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local non-administrative...

6.6CVSS8.1AI score0.00163EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2023/10/20 9:0 a.m.9 views

CVE-2023-34045 VMware Fusion installer local privilege escalation

VMware Fusion13.x prior to 13.5 contains a local privilege escalation vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local non-administrative...

6.6CVSS7.5AI score0.00163EPSS
Exploits0References1
CVE
CVE
added 2023/10/20 9:0 a.m.81 views

CVE-2023-34045

CVE-2023-34045 affects VMware Fusion 13.x before 13.5, with a local privilege-escalation flaw that can be exploited during the first-time install or an upgrade (from the .dmg volume) to gain root privileges. The issue is addressed by VMware in Fusion 13.5 (per VMSA-2023-0022), which provides the ...

7.8CVSS7.2AI score0.00163EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/20 8:59 a.m.11 views

CVE-2023-34046 VMware Fusion TOCTOU local privilege escalation vulnerability

VMware Fusion13.x prior to 13.5 contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during installation for the first time the user needs to drag or copy the application to a folder from the '.dmg' volume or when installing an upgrade. A malicious actor with local...

6.7CVSS7.2AI score0.00128EPSS
Exploits0References1
Rows per page
Query Builder