5 matches found
CVE-2025-41238
creationtimestamp| type| source ---|---|--- 2025-07-15 18:53:54+00:00| seen| https://infosec.exchange/users/cR0w/statuses/114858762801914674 2025-07-16 04:00:00+00:00| seen| https://www.govcert.gov.hk/en/alertsdetail.php?id=1592 2025-07-16 12:20:29+00:00| seen|...
CVE-2025-41238
CVE-2025-41238 is a heap-overflow vulnerability in the PVSCSI controller affecting VMware ESXi, Workstation, and Fusion. Exploitation can cause an out-of-bounds write and code execution, with ESXi exploits contained within the VMX sandbox (and only with unsupported configs), while Workstation/Fus...
CVE-2025-41238 PVSCSI heap-overflow vulnerability
VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI Paravirtualized SCSI controller that leads to an out of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine'...
VMware Workstation 13.0.x < 13.6.4 / 17.0.x < 17.6.4 Multiple Vulnerabilities (VMSA-2025-0013)
The version of VMware Workstation installed on the remote host is 13.0.x prior to 13.6.4 or 17.0.x prior to 17.6.4. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version numbe...
VMSA-2025-0013: VMware ESXi, Workstation, Fusion, and Tools updates address multiple vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239)
Advisory ID: | VMSA-2025-0013 ---|--- Advisory Severity: | Critical CVSSv3 Range: | 6.2-9.3 Synopsis: | VMware ESXi, Workstation, Fusion, and Tools updates address multiple vulnerabilities CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239 Issue date: | 2025-07-15 Updated on: |...