Lucene search
K

500 matches found

Amazon
Amazon
added 2025/06/02 12:0 a.m.7 views

Medium: open-vm-tools

Issue Overview: VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM. CVE-2025-22247 Affected Packages: open-vm-tools Issue Correction: Run dn...

6.1CVSS6.6AI score0.00255EPSS
Exploits0
Amazon
Amazon
added 2025/05/29 12:0 a.m.13 views

Medium: open-vm-tools

Issue Overview: VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM. CVE-2025-22247 Affected Packages: open-vm-tools Note: This advisory is...

6.1CVSS6.7AI score0.00255EPSS
Exploits0
OSV
OSV
added 2025/05/27 6:46 p.m.3 views

MGASA-2025-0166 Updated open-vm-tools packages fix security vulnerability

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM. CVE-2025-22247...

6.1CVSS6.9AI score0.00255EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2025/05/23 5:21 a.m.5 views

CVE-2023-34057

VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine...

7.8CVSS6.9AI score0.0019EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:51 p.m.10 views

CVE-2022-22977

VMware Tools for Windows12.0.0, 11.x.y and 10.x.y contains an XML External Entity XXE vulnerability. A malicious actor with non-administrative local user privileges in the Windows guest OS, where VMware Tools is installed, may exploit this issue leading to a denial-of-service condition or...

7.1CVSS6.5AI score0.00782EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 10:23 p.m.10 views

CVE-2022-22943

VMware Tools for Windows 11.x.y and 10.x.y prior to 12.0.0 contains an uncontrolled search path vulnerability. A malicious actor with local administrative privileges in the Windows guest OS, where VMware Tools is installed, may be able to execute code with system privileges in the Windows guest O...

7.2CVSS7.2AI score0.01217EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:31 p.m.11 views

CVE-2021-21999

VMware Tools for Windows 11.x.y prior to 11.2.6, VMware Remote Console for Windows 12.x prior to 12.0.1 , VMware App Volumes 2.x prior to 2.18.10 and 4 prior to 2103 contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by...

7.8CVSS7.2AI score0.01382EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 9:31 p.m.15 views

CVE-2021-21997

VMware Tools for Windows 11.x.y prior to 11.3.0 contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest operating system, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a...

5.5CVSS6.6AI score0.00479EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 5:3 p.m.8 views

CVE-2020-3972

VMware Tools for macOS 11.x.x and prior before 11.1.1 contains a denial-of-service vulnerability in the Host-Guest File System HGFS implementation. Successful exploitation of this issue may allow attackers with non-admin privileges on guest macOS virtual machines to create a denial-of-service...

3.3CVSS6.7AI score0.00379EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 3:35 p.m.7 views

CVE-2020-3941

The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11...

7CVSS7.1AI score0.00296EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 4:5 a.m.7 views

CVE-2012-1666

Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the...

6.9CVSS6.7AI score0.00784EPSS
Exploits1References1
Fedora
Fedora
added 2025/05/20 1:14 a.m.11 views

[SECURITY] Fedora 42 Update: open-vm-tools-12.5.2-1.fc42

The open-vm-tools project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and...

6.1CVSS6.8AI score0.00255EPSS
Exploits0
BDU FSTEC
BDU FSTEC
added 2025/05/19 12:0 a.m.7 views

The vulnerability in the set of VMware Tools relates to incorrect definition of the link before accessing the file, allowing an attacker to escalate their privileges.

The vulnerability of the VMware Tools utility is related to an incorrect definition of the link before accessing the file. Exploiting this vulnerability can allow an attacker to increase their privileges...

6.1CVSS6.6AI score0.00255EPSS
Exploits0References12Affected Software6
Tenable Nessus
Tenable Nessus
added 2025/05/16 12:0 a.m.9 views

VMware Tools 11.x / 12.x < 12.5.2 Insecure File Handling (VMSA-2025-0007)

The version of VMware Tools installed on the remote host is 11.x or 12.x prior to 12.5.2. It is, therefore, affected by an insecure file handling vulnerability: - VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may...

6.1CVSS6.5AI score0.00255EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2025/05/13 11:42 p.m.4 views

SUSE CVE-2025-22247

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

6.1CVSS6.3AI score0.00255EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2025/05/13 12:0 a.m.26 views

VMware Tools Insecure File Handling Vulnerability (VMSA-2025-0007) - Windows

VMware Tools is prone to an insecure file handling vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:tools";...

6.1CVSS7.3AI score0.00255EPSS
Exploits0References1
OSV
OSV
added 2025/05/12 11:15 a.m.13 views

CVE-2025-22247

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

6.1AI score
Exploits0References4
OSV
OSV
added 2025/05/12 11:15 a.m.4 views

DEBIAN-CVE-2025-22247

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

6.1CVSS6.3AI score0.00255EPSS
Exploits0References1
OSV
OSV
added 2025/05/12 11:15 a.m.7 views

AZL-67797 CVE-2025-22247 affecting package open-vm-tools for versions less than 11.3.0-4

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

6.1CVSS5.8AI score0.00255EPSS
Exploits0References1
NVD
NVD
added 2025/05/12 11:15 a.m.46 views

CVE-2025-22247

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

6.1CVSS0.00255EPSS
Exploits0References8
Rows per page
Query Builder