CVE-2026-20751

Out-of-bounds read for the IntelR Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

PT-2026-40525

A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution...

Security Bulletin: Multiple Vulnerabilities in VMware ESXi affect IBM Cloud Pak System

Summary Vulnerabilities in VMware ESXi affect IBM Cloud Pak System. IBM Cloud Pak System has addressed vulnerabilities. Cloud Pak Sytem has delivered updated workload nodes to VMware ESXi 83U3g. Vulnerability Details CVEID:CVE-2025-41236 DESCRIPTION: VMware ESXi, Workstation, and Fusion contain a...

[SECURITY] Fedora 41 Update: open-vm-tools-12.5.2-1.fc41

The open-vm-tools project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and...

VulnCheck KEV: CVE-2024-22255

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process...

VulnCheck KEV: CVE-2024-22253

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

VMware ESXi Security Vulnerabilities

VMware ESXi is a suite of server virtualization platforms from VMware that can be installed directly on physical servers. A security vulnerability exists in VMware ESXi that stems from an authentication bypass vulnerability that could allow an attacker to gain full access to a previously configur...

VMware ESXi 安全漏洞

VMware ESXi is a server virtualization platform from VMware that can be installed directly on physical servers. An out-of-bounds write vulnerability exists in VMware ESXi, which can be exploited by a local attacker with administrative privileges to cause a sandbox escape...

Chinese Hackers Exploit Fortinet Zero-Day Flaw for Cyber Espionage Attack

The zero-day exploitation of a now-patched medium-severity security flaw in the Fortinet FortiOS operating system has been linked to a suspected Chinese hacking group. American cybersecurity company Mandiant, which made the attribution, said the activity cluster is part of a broader campaign...

VMware ESXi和vCenter Server 安全漏洞

VMware ESXi and VMware vCenter Server are both products of VMware, Inc. VMware ESXi is a server virtualization platform that can be installed directly on physical servers. vMware vCenter Server is a suite of server and virtualization management software. The software provides a centralized platfo...

VMware ESXi 授权问题漏洞

Vmware VMware ESXi is a server virtualization platform from Vmware that can be installed directly on physical servers. An authorization issue vulnerability exists in VMware ESXi, which stems from a vulnerability in the product's SFCB authentication feature, which allows an attacker to bypass SFCB...

Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now

VMware has addressed multiple critical remote code execution RCE vulnerabilities in VMware ESXi and vSphere Client virtual infrastructure management platform that may allow attackers to execute arbitrary commands and take control of affected systems. "A malicious actor with network access to port...

CVE-2020-3965

VMware ESXi 7.0 before ESXi7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG, Workstation 15.x before 15.5.2, and Fusion 11.x before 11.5.2 contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine may b...

VMware Workstation 14.x < 14.1.5 / 15.x < 15.0.2 Virtual Network Integer Overflow Vulnerability (VMSA-2018-0030)

The version of VMware Workstation installed on the remote host is 14.x prior to 14.1.5 or 15.x prior to 15.0.2. It is, therefore, affected by an integer overflow vulnerability in the virtual network devices. An attacker with access to a guest system may be able to execute code on the host system ...