500 matches found
Medium: open-vm-tools
Issue Overview: VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM. CVE-2025-22247 Affected Packages: open-vm-tools Issue Correction: Run dn...
Medium: open-vm-tools
Issue Overview: VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM. CVE-2025-22247 Affected Packages: open-vm-tools Note: This advisory is...
MGASA-2025-0166 Updated open-vm-tools packages fix security vulnerability
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM. CVE-2025-22247...
CVE-2023-34057
VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine...
CVE-2022-22977
VMware Tools for Windows12.0.0, 11.x.y and 10.x.y contains an XML External Entity XXE vulnerability. A malicious actor with non-administrative local user privileges in the Windows guest OS, where VMware Tools is installed, may exploit this issue leading to a denial-of-service condition or...
CVE-2022-22943
VMware Tools for Windows 11.x.y and 10.x.y prior to 12.0.0 contains an uncontrolled search path vulnerability. A malicious actor with local administrative privileges in the Windows guest OS, where VMware Tools is installed, may be able to execute code with system privileges in the Windows guest O...
CVE-2021-21999
VMware Tools for Windows 11.x.y prior to 11.2.6, VMware Remote Console for Windows 12.x prior to 12.0.1 , VMware App Volumes 2.x prior to 2.18.10 and 4 prior to 2103 contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by...
CVE-2021-21997
VMware Tools for Windows 11.x.y prior to 11.3.0 contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest operating system, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a...
CVE-2020-3972
VMware Tools for macOS 11.x.x and prior before 11.1.1 contains a denial-of-service vulnerability in the Host-Guest File System HGFS implementation. Successful exploitation of this issue may allow attackers with non-admin privileges on guest macOS virtual machines to create a denial-of-service...
CVE-2020-3941
The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11...
CVE-2012-1666
Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the...
[SECURITY] Fedora 42 Update: open-vm-tools-12.5.2-1.fc42
The open-vm-tools project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and...
The vulnerability in the set of VMware Tools relates to incorrect definition of the link before accessing the file, allowing an attacker to escalate their privileges.
The vulnerability of the VMware Tools utility is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow an attacker to increase their privileges...
VMware Tools 11.x / 12.x < 12.5.2 Insecure File Handling (VMSA-2025-0007)
The version of VMware Tools installed on the remote host is 11.x or 12.x prior to 12.5.2. It is, therefore, affected by an insecure file handling vulnerability: - VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may...
SUSE CVE-2025-22247
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...
VMware Tools Insecure File Handling Vulnerability (VMSA-2025-0007) - Windows
VMware Tools is prone to an insecure file handling vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:tools";...
CVE-2025-22247
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...
DEBIAN-CVE-2025-22247
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...
AZL-67797 CVE-2025-22247 affecting package open-vm-tools for versions less than 11.3.0-4
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...
CVE-2025-22247
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...