CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

153 matches found

Microsoft KB•added 2024/05/29 12:0 a.m.•3 views

May 29, 2024—KB5037849 (OS Build 19045.4474) Preview

May 29, 2024—KB5037849 OS Build 19045.4474 Preview 11/17/20 For information about Windows update terminology, see the article about the types of Windows updates and the monthly quality update types. For an overview of Windows 10, version 22H2, see its update history page. Note Follow @WindowsUpda...

7AI score

Exploits0

SUSE CVE•added 2024/05/23 3:5 a.m.•1 views

SUSE CVE-2021-47273

In the Linux kernel, the following vulnerability has been resolved: usb: dwc3-meson-g12a: fix usb2 PHY glue init when phy0 is disabled When only PHY1 is used for example on Odroid-HC4, the regmap init code uses the usb2 ports when doesn't initialize the PHY1 regmap entry. This fixes: Unable to...

5.5CVSS6.5AI score0.00021EPSS

Exploits0References3

OSV•added 2024/05/21 3:15 p.m.•0 views

DEBIAN-CVE-2021-47409

In the Linux kernel, the following vulnerability has been resolved: usb: dwc2: check return value after calling platformgetresource It will cause null-ptr-deref if platformgetresource returns NULL, we need check the return value...

5.5CVSS5AI score0.00012EPSS

Exploits0References1

VMware•added 2024/05/08 12:0 a.m.•150 views

VMSA-2024-0006:VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255)

Advisory ID: | VMSA-2024-0006.1 ---|--- Advisory Severity: | Critical CVSSv3 Range: | 7.1-9.3 Synopsis: | VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, CVE-2024-22255 Issue date: | 2024-03-05 Updated on: |...

9.3CVSS9AI score0.04977EPSS

Exploits0References49Affected Software4

Malwarebytes•added 2024/03/08 2:16 p.m.•39 views

Patch now! VMWare escape flaws are so serious even end-of-life software gets a fix

VMWare has issued secuity fixes for its VMware ESXi, Workstation, Fusion, and Cloud Foundation products. It has even taken the unusual step of issuing updates for versions of the affected software that have reached thier end-of-life, meaning they would normally no longer be supported. This flaws...

4.6CVSS8.1AI score0.04977EPSS

Exploits0

Positive Technologies•added 2024/03/08 12:0 a.m.•2 views

PT-2024-19291 · Vmware · Vmware Workstation

Name of the Vulnerable Software and Affected Versions: VMware Workstation versions prior to 17.5.1 Description: A critical issue has been found in the USB controller of VMware Workstation, allowing for VM-escape vulnerabilities. The estimated number of potentially affected devices worldwide is no...

7.1AI score

Exploits0References2

The Hacker News•added 2024/03/06 7:20 a.m.•51 views

VMware Issues Security Patches for ESXi, Workstation, and Fusion Flaws

VMware has released patches to address four security flaws impacting ESXi, Workstation, and Fusion, including two critical flaws that could lead to code execution. Tracked as CVE-2024-22252 and CVE-2024-22253, the vulnerabilities have been described as use-after-free bugs in the XHCI USB...

9.3CVSS7.9AI score0.04977EPSS

Exploits0

BDU FSTEC•added 2024/03/06 12:0 a.m.•0 views

The vulnerability of the UHCI controller in VMware ESXi, Workstation, Fusion, and Cloud Foundation software allows a attacker to execute arbitrary code.

The vulnerability of the UHCI-based USB controller in VMware ESXi, Workstation, Fusion, and Cloud Foundation software products is related to the possibility of exploiting memory after it is freed. Exploiting this vulnerability could allow an attacker to execute arbitrary code...

8.4CVSS0.0009EPSS

Exploits0References4Affected Software2

NVD•added 2024/03/05 6:15 p.m.•9 views

CVE-2024-22255

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process...

7.1CVSS7.7AI score0.04977EPSS

Exploits0References1

OSV•added 2024/03/05 6:15 p.m.•2 views

CVE-2024-22255

7.1CVSS7.3AI score0.04977EPSS

Exploits0References1

NVD•added 2024/03/05 6:15 p.m.•13 views

CVE-2024-22253

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

9.3CVSS9.5AI score0.0009EPSS

Exploits0References1

OSV•added 2024/03/05 6:15 p.m.•1 views

CVE-2024-22253

6.7CVSS7.7AI score0.0009EPSS

Exploits0References1

OSV•added 2024/03/05 6:15 p.m.•0 views

CVE-2024-22252

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

6.7CVSS7.7AI score

Exploits0References1

NVD•added 2024/03/05 6:15 p.m.•15 views

CVE-2024-22252

9.3CVSS9.5AI score0.00248EPSS

Exploits0References1

Prion•added 2024/03/05 6:15 p.m.•10 views

Double free

4.6CVSS7.5AI score0.00248EPSS

Exploits0References1

Prion•added 2024/03/05 6:15 p.m.•14 views

Double free

4.6CVSS7.5AI score0.0009EPSS

Exploits0References1

CVE•added 2024/03/05 5:58 p.m.•229 views

CVE-2024-22255

CVE-2024-22255 is an information disclosure vulnerability in the UHCI USB controller affecting VMware ESXi, Workstation, and Fusion. A malicious actor with administrative access inside a guest VM can leak memory from the VMX process, potentially exposing sensitive data. The issue is documented wi...

7.1CVSS7.7AI score0.04977EPSS

Exploits0References1Affected Software3