14 matches found
Astra Linux – Vulnerability in open-vm-tools
A fully compromised ESXi host can cause VMware Tools to fail in authenticating host-to-guest operations, thereby affecting the confidentiality and integrity of the guest virtual machine...
EUVD-2026-18647
In the Linux kernel, the following vulnerability has been resolved: KVM: arm64: Fix ID register initialization for non-protected pKVM guests In protected mode, the hypervisor maintains a separate instance of the kvm structure for each VM. For non-protected VMs, this structure is initialized from...
PT-2026-30039
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains an issue in KVM for arm64 systems related to the initialization of ID registers for non-protected pKVM guests. The hypervisor incorrectly copies the KVM ARCH FL...
vsock: Fix transport_{g2h,h2g} TOCTOU
...
SUSE SLES15: libvmtools-devel / libvmtools0 / open-vm-tools / etc (SUSE-SU-2023:3505-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:3505-1 advisory. - CVE-2023-20867: Fixed authentication bypass vulnerability in the vgauth module bsc1212143. - CVE-2023-20900: Fixed SAML token...
DEBIAN-CVE-2023-20867
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine...
VMware Tools 授权问题漏洞
VMware Tools is an enhancement tool that comes with VMware's VMWare virtual machines, and is a driver provided by VMware to enhance the performance of virtual graphics cards and hard disks, as well as to synchronize the clocks of virtual machines with the host computer. A security vulnerability...
CVE-2023-20867
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine...
UBUNTU-CVE-2023-20867
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine...
PT-2023-2452
Name of the Vulnerable Software and Affected Versions VMware Workstation versions 17.x VMware Fusion versions 13.x Description The issue is related to a stack-based buffer-overflow vulnerability in the functionality for sharing host Bluetooth devices with the virtual machine. This vulnerability m...
PT-2021-21192 · Canonical · Multipass
Name of the Vulnerable Software and Affected Versions: Multipass versions prior to 1.7.0 Description: The issue allows any local process to connect to the localhost TCP control socket, enabling mounts from the operating system to a guest. This can lead to privilege escalation. Recommendations: Fo...
Wasmtime 资源管理错误漏洞
Wasmtime, a Bytecode Consortium project, is a standalone wasm optimization runtime for WebAssembly and WASI only. A resource management error vulnerability exists in Wasmtime that stems from a post-release usage error when passing multiple externrefs from the host to guest Wasm content...
CVE-2018-6982
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest...
Several critical security vulnerabilities have been addressed in the newest releases of VMware's hosted product line
a. Host to guest shared folder HGFS traversal vulnerabilityOn Windows hosts, if you have configured a VMware host to guest shared folder HGFS, it is possible for a program running in the guest to gain access to the host's file system and create or modify executable files in sensitive locations...