CVE-2026-22226

creationtimestamp| type| source ---|---|--- 2026-02-02 19:21:16+00:00| seen| Telegram/l5GdkV3EN00CMaI5xyso-xNuPLT0g7uF7hgOrEpSdA-D9FY...

CVE-2026-22226

A command injection vulnerability may be exploited after the admin's authentication in the VPN server configuration module on TP-Link Archer BE230 v1.2 and Archer AX73 v2. Successful exploitation could allow an attacker to gain full administrative control of the device, resulting in severe...

CVE-2021-22226

Under certain conditions, some users were able to push to protected branches that were restricted to deploy keys in GitLab CE/EE since version 13.9...

Security Bulletin: Broadcomm VMware ESXi Vulnerabilities affect IBM Cloud Pak System

Summary Broadcomm VMware ESXi Vulnerabilities affect IBM Cloud Pak SystemCVE-2025-22224, CVE-2025-22225,CVE-2025-22226 Vulnerability Details CVEID:CVE-2025-22224 DESCRIPTION: VMware ESXi, and Workstation contain a TOCTOU Time-of-Check Time-of-Use vulnerability that leads to an out-of-bounds write...

CVE-2020-22226

Stivasoft Phpjabbers Fundraising Script v1.0 was discovered to contain a SQL injection vulnerability via the pjActionSetAmount function...

CVE-2023-22226

creationtimestamp| type| source ---|---|--- 2025-03-05 20:01:24+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6602...

VMware ESXi 7.0 / 8.0 Information Disclosure (CVE-2025-22226)

The version of VMware ESXi installed on the remote host is 7.0 prior to 7.0 Update 3s, 8.0 Update 2 prior to 8.0 Update 2d, or 8.0 Update 3 prior to 8.0 Update 3d. It is, therefore, affected by an information disclosure vulnerability: - VMware ESXi, Workstation, and Fusion contain an information...

VMware Workstation Multiple Vulnerabilities (VMSA-2025-0004) - Linux

VMware Workstation is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:workstation";...

Multiple Zero-Day Vulnerabilities in Broadcom VMware ESXi and Other Products

On Tuesday, March 4, 2025, Broadcom published a critical security advisory VMSA-2025-0004 on 3 new zero-day vulnerabilities affecting multiple VMware products, including ESXi, Workstation, and Fusion. The most severe of the vulnerabilities is CVE-2025-22224, a critical vulnerability in ESXi and...

Vulnerabilities fixed in VMware products

Broadcom has fixed vulnerabilities in VMware ESXi including Workstation and Fusion. The vulnerabilities include a TOCTOU vulnerability that allows a malicious person with local administrative privileges to execute code as the VMX process on the host via an out-of-bounds write. In addition, there ...

CVE-2025-22226

creationtimestamp| type| source ---|---|--- 2025-03-04 12:31:24+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6365 2025-03-04 13:00:28+00:00| seen| https://infosec.exchange/users/harrysintonen/statuses/114104285789301930 2025-03-04 13:11:56+00:00| seen|...

VMSA-2025-0004: VMware ESXi, Workstation, and Fusion updates address multiple vulnerabilities (CVE-2025-22224, CVE-2025-22225, CVE-2025-22226)

Advisory ID: | VMSA-2025-0004 ---|--- Severity: | Critical CVSSv3 Range: | 7.1-9.3 Synopsis: | VMware ESXi, Workstation, and Fusion updates address multiple vulnerabilities CVE-2025-22224, CVE-2025-22225, CVE-2025-22226 Issue date: | 2025-03-04 Updated on: | 2025-03-04 Initial Advisory CVEs |...

VMware Fusion 13.x < 13.6.3 HGFS Information Disclosure (VMSA-2025-0004)

The version of VMware Fusion installed on the remote macOS host is 13.x prior to 13.6.3. It is, therefore, affected by an information disclosure vulnerability: - VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious...

VMware Workstation 17.x < 17.6.3 Multiple Vulnerabilities (VMSA-2024-0004)

The version of VMware Workstation installed on the remote host is 17.x prior to 17.6.3. It is, therefore, affected by multiple vulnerabilities: - VMware ESXi, and Workstation contain a TOCTOU Time-of-Check Time-of-Use vulnerability that leads to an out-of-bounds write. A malicious actor with loca...

GitLab 13.9 < 13.11.6 / 13.12 < 13.12.6 / 14.0 < 14.0.2 (CVE-2021-22226)

The version of GitLab installed on the remote host is affected by a vulnerability, as follows: - Under certain conditions, some users were able to push to protected branches that were restricted to deploy keys in GitLab CE/EE since version 13.9 CVE-2021-22226 Note that Nessus has not tested for...

CVE-2023-44429

GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2023-44429 GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability

GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

CVE-2023-44429

GStreamer AV1 Codec Parsing Heap-based Buffer Overflow Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of GStreamer. Interaction with this library is required to exploit this vulnerability but attack vectors may...

AlmaLinux 9 : gstreamer1-plugins-bad-free (ALSA-2023:7791)

The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2023:7791 advisory. - Fixes for GStreamer-SA-2023-0010 ZDI-CAN-22299 and GStreamer-SA-2023-0009 ZDI-CAN-22226 CVE-2023-44429 CVE-2023-44429 - MXF demuxer use-after-free...

RHEL 9 : gstreamer1-plugins-bad-free (RHSA-2023:7791)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2023:7791 advisory. GStreamer is a streaming media framework based on graphs of filters which operate on media data. The gstreamer1-plugins-bad-free package...