Lucene search
K

11 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.7 views

EUVD-2020-25270

Malware in sbrugna...

7.8CVSS7.8AI score0.00382EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/11/24 12:0 a.m.57 views

VMware Fusion 11.x < 11.5.7 Use-after-free (VMSA-2020-0026)

The version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.x prior to 11.5.7. It is, therefore, affected by a use-after-free error in the XHCI USB Controller. An unauthenticated, local attacker with administrative privileges on a virtual machine may exploit this issue to...

8.2CVSS8.1AI score0.00392EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/11/24 12:0 a.m.58 views

VMware Workstation 15.x < 15.5.7 Use-after-free (VMSA-2020-0026)

The version of VMware Workstation installed on the remote Windows host is 15.x prior to 15.5.7. It is, therefore, affected by a use-after-free error in the XHCI USB Controller. An unauthenticated, local attacker with administrative privileges on a virtual machine may exploit this issue to execute...

8.2CVSS7.5AI score0.00392EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/11/24 12:0 a.m.412 views

ESXi 6.5 / 6.7 / 7.0 Multiple Vulnerabilities (VMSA-2020-0026)

According to its self-reported version number, the remote VMware ESXi host is version 6.5, 6.7 or 7.0 and is affected by multiple vulnerabilities. - A use-after-free error exists in the XHCI USB controller. An unauthenticated, local attacker with local administrative privileges on a virtual machi...

8.2CVSS8.1AI score0.00392EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2020/11/23 12:0 a.m.118 views

VMSA-2020-0026 : VMware ESXi, Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities

a. Use-after-free vulnerability in XHCI USB controller CVE-2020-4004 VMware ESXi contains a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machines VMX proce...

8.2CVSS8.1AI score0.00392EPSS
Exploits0References3
Circl
Circl
added 2020/11/20 10:42 p.m.11 views

CVE-2020-4004

creationtimestamp| type| source ---|---|--- 2020-11-20 22:42:59+00:00| seen| https://t.me/cibsecurity/16678 2020-11-20 22:43:03+00:00| seen| https://t.me/cibsecurity/16681 2020-11-23 12:28:43+00:00| seen| https://t.me/CyberGovIL/946 2020-11-23 12:30:01+00:00| seen|...

8.2CVSS8AI score0.00392EPSS
Exploits0References7
ThreatPost
ThreatPost
added 2020/11/20 8:18 p.m.86 views

VMware Fixes Critical Flaw in ESXi Hypervisor

VMware has hurried out fixes for a critical flaw in its ESXi hypervisor, a few weeks after it was found during China’s Tianfu Cup hacking competition. The use-after-free vulnerability CVE-2020-4004 has a CVSS score of 9.3 out of 10, making it critical. It exists in the eXtensible Host Controller...

1.4AI score0.00392EPSS
Exploits0References7
Prion
Prion
added 2020/11/20 8:15 p.m.34 views

Privilege escalation

VMware ESXi 7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only, may escalate thei...

7.2CVSS7.8AI score0.00392EPSS
Exploits0References1Affected Software2
CVE
CVE
added 2020/11/20 7:6 p.m.208 views

CVE-2020-4004

CVE-2020-4004 is a use-after-free in the XHCI USB controller affecting VMware ESXi (7.0 before ESXi70U1b-17168206; 6.7 before ESXi670-202011101-SG; 6.5 before ESXi650-202011301-SG), VMware Workstation (15.x before 15.5.7), and VMware Fusion (11.x before 11.5.7). The underlying issue allows a mali...

8.2CVSS7.8AI score0.00392EPSS
Exploits0References1Affected Software1
VMware
VMware
added 2020/11/19 12:0 a.m.51 views

VMware ESXi, Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities (CVE-2020-4004, CVE-2020-4005)

3a. Use-after-free vulnerability in XHCI USB controller CVE-2020-4004 VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9....

7.2CVSS7.8AI score0.00392EPSS
Exploits0References15Affected Software4
Kaspersky
Kaspersky
added 2020/11/19 12:0 a.m.55 views

KLA12101 Use after free vulnerability in VMware Workstation and Player

A use after free vulnerability was found in VMware Workstation and Player. Malicious users can exploit this vulnerability to execute arbitrary code. Original advisories VMSA-2020-0026 Related products VMware-Workstation VMware-Player CVE list CVE-2020-4004 critical Solution Update to the latest...

8.2CVSS8.5AI score0.00392EPSS
Exploits0References4
Rows per page
Query Builder