Lucene search
K

14 matches found

AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.6 views

Astra Linux – Vulnerability in open-vm-tools

A fully compromised ESXi host can cause VMware Tools to fail in authenticating host-to-guest operations, thereby affecting the confidentiality and integrity of the guest virtual machine...

3.9CVSS6.1AI score0.13638EPSS
Exploits0References2
EUVD
EUVD
added 2026/04/03 3:30 p.m.7 views

EUVD-2026-18647

In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix ID register initialization for non-protected pKVM guests In protected mode, the hypervisor maintains a separate instance of the kvm structure for each VM. For non-protected VMs, this structure is initialized from...

5.8AI score0.00119EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2026/04/03 12:0 a.m.8 views

PT-2026-30039

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in KVM for arm64 systems related to the initialization of ID registers for non-protected pKVM guests. The hypervisor incorrectly copies the KVM ARCH FL...

5.8AI score0.00119EPSS
Exploits0References134
Microsoft CVE
Microsoft CVE
added 2025/09/04 5:31 a.m.11 views

vsock: Fix transport_{g2h,h2g} TOCTOU

...

4.7CVSS7AI score0.00112EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/09/01 12:0 a.m.33 views

SUSE SLES15: libvmtools-devel / libvmtools0 / open-vm-tools / etc (SUSE-SU-2023:3505-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3505-1 advisory. - CVE-2023-20867: Fixed authentication bypass vulnerability in the vgauth module bsc1212143. - CVE-2023-20900: Fixed SAML token...

7.5CVSS7AI score0.13638EPSS
Exploits0References7
OSV
OSV
added 2023/06/13 5:15 p.m.3 views

DEBIAN-CVE-2023-20867

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine...

3.9CVSS6.1AI score0.13638EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/06/13 12:0 a.m.7 views

VMware Tools 授权问题漏洞

VMware Tools is an enhancement tool that comes with VMware's VMWare virtual machines, and is a driver provided by VMware to enhance the performance of virtual graphics cards and hard disks, as well as to synchronize the clocks of virtual machines with the host computer. A security vulnerability...

3.9CVSS6AI score0.13638EPSS
Exploits0References14
UbuntuCve
UbuntuCve
added 2023/06/13 12:0 a.m.209 views

CVE-2023-20867

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine...

3.9CVSS6.5AI score0.13638EPSS
Exploits0References4
OSV
OSV
added 2023/06/13 12:0 a.m.2 views

UBUNTU-CVE-2023-20867

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine...

3.9CVSS7.1AI score0.13638EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2023/04/25 12:0 a.m.6 views

PT-2023-2452

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 17.x VMware Fusion versions 13.x Description The issue is related to a stack-based buffer-overflow vulnerability in the functionality for sharing host Bluetooth devices with the virtual machine. This vulnerability m...

8.2CVSS8.7AI score0.02036EPSS
Exploits0References39
Positive Technologies
Positive Technologies
added 2021/10/01 12:0 a.m.6 views

PT-2021-21192 · Canonical · Multipass

Name of the Vulnerable Software and Affected Versions: Multipass versions prior to 1.7.0 Description: The issue allows any local process to connect to the localhost TCP control socket, enabling mounts from the operating system to a guest. This can lead to privilege escalation. Recommendations: Fo...

8.8CVSS8.5AI score0.00241EPSS
Exploits0References3
CNNVD
CNNVD
added 2021/09/17 12:0 a.m.6 views

Wasmtime 资源管理错误漏洞

Wasmtime, a Bytecode Consortium project, is a standalone wasm optimization runtime for WebAssembly and WASI only. A resource management error vulnerability exists in Wasmtime that stems from a post-release usage error when passing multiple externrefs from the host to guest Wasm content...

6.3CVSS6.3AI score0.00307EPSS
Exploits0References7
OSV
OSV
added 2018/12/04 2:29 p.m.3 views

CVE-2018-6982

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest...

6.5CVSS5.8AI score0.00452EPSS
Exploits0References3
VMware
VMware
added 2008/03/17 12:0 a.m.37 views

Several critical security vulnerabilities have been addressed in the newest releases of VMware's hosted product line

a. Host to guest shared folder HGFS traversal vulnerabilityOn Windows hosts, if you have configured a VMware host to guest shared folder HGFS, it is possible for a program running in the guest to gain access to the host's file system and create or modify executable files in sensitive locations...

7.8CVSS1AI score0.17418EPSS
Exploits15References12
Rows per page
Query Builder