Lucene search
+L

68 matches found

NVD
NVD
added 2025/07/15 7:15 p.m.13 views

CVE-2025-41239

VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes...

7.1CVSS0.02154EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2025/05/30 12:0 a.m.8 views

Photon OS 4.0: Perl PHSA-2025-4.0-0751

An update of the perl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0751. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

7.5CVSS7.6AI score0.02219EPSS
Exploits1References2
RedhatCVE
RedhatCVE
added 2025/05/23 9:34 a.m.6 views

CVE-2024-22251

VMware Workstation and Fusion contain an out-of-bounds read vulnerability in the USB CCID chip card interface device. A malicious actor with local administrative privileges on a virtual machine may trigger an out-of-bounds read leading to information disclosure...

5.9CVSS6.1AI score0.00226EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/23 7:9 a.m.10 views

CVE-2024-38320

IBM Storage Protect for Virtual Environments: Data Protection for VMware and Storage Protect Backup-Archive Client 8.1.0.0 through 8.1.23.0 uses weaker than expected cryptographic algorithms that could allow an attacker to decrypt highly sensitive information...

5.9CVSS6.5AI score0.00219EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 11:13 p.m.19 views

CVE-2022-36797

Protection mechanism failure in the IntelR Ethernet 500 Series Controller drivers for VMware before version 1.10.0.1 may allow an authenticated user to potentially enable denial of service via local access...

5.5CVSS6.5AI score0.00181EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2025/05/22 8:41 a.m.15 views

CVE-2019-5098

An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can provide a specially crafted shader file to trigger this vulnerability. This vulnerability can be...

8.6CVSS6.6AI score0.02029EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2025/05/22 8:41 a.m.18 views

CVE-2019-5049

An exploitable memory corruption vulnerability exists in AMD ATIDXX64.DLL driver, versions 25.20.15031.5004 and 25.20.15031.9002. A specially crafted pixel shader can cause an out-of-bounds memory write. An attacker can provide a specially crafted shader file to trigger this vulnerability. This...

10CVSS6.9AI score0.02013EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 1:24 a.m.8 views

CVE-2013-3080

VMware vCenter Server Appliance vCSA 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of service, by leveraging Virtual Appliance Management Interface VAMI web-interface access...

9CVSS7.8AI score0.0247EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/22 12:29 a.m.10 views

CVE-2013-3658

Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors...

9.4CVSS7.2AI score0.03687EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2025/05/21 9:19 p.m.13 views

CVE-2005-0444

VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the rrdharan world-writable temporary directory, which allows local users to execute arbitrary code...

4.6CVSS7.3AI score0.00371EPSS
Exploits0References1
NVD
NVD
added 2025/03/04 12:15 p.m.10 views

CVE-2025-22226

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process...

7.1CVSS0.01676EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2025/03/04 12:0 a.m.22 views

CVE-2025-22226

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process. Recent assessments: remmons-r7 at...

9.3CVSS8.9AI score0.01676EPSS
In wildExploits0References2
OSV
OSV
added 2024/03/05 6:15 p.m.4 views

CVE-2024-22253

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

6.7CVSS7.7AI score0.00645EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/05 12:0 a.m.6 views

PT-2024-1973 · Vmware · Vmware Esxi +2

Name of the Vulnerable Software and Affected Versions: VMware ESXi, Workstation, and Fusion affected versions not specified Description: A use-after-free vulnerability in the XHCI USB controller of VMware products allows a malicious actor with local administrative privileges on a virtual machine ...

9.3CVSS9.3AI score0.03542EPSS
Exploits0References40
Malwarebytes
Malwarebytes
added 2023/10/30 2:44 p.m.13 views

A week in security (October 23 – October 29)

Last week on Malwarebytes Labs: Malvertising via Dynamic Search Ads delivers malware bonanza Octo Tempest cybercriminal group is "a growing concern"—Microsoft Update now! Apple patches a raft of vulnerabilities Patch…later? Safari iLeakage bug not fixed Update vCenter Server now! VMWare fixes...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2022/10/21 2:56 p.m.194 views

Multiple Campaigns Exploit VMware Vulnerability to Deploy Crypto Miners and Ransomware

A now-patched vulnerability in VMware Workspace ONE Access has been observed being exploited to deliver both cryptocurrency miners and ransomware on affected machines. "The attacker intends to utilize a victim's resources as much as possible, not only to install RAR1Ransom for extortion, but also...

10CVSS0.1AI score0.99997EPSS
Exploits41
Source Incite
Source Incite
added 2022/02/25 12:0 a.m.108 views

SRC-2022-0008 : VMware Workspace ONE Access ApplicationSetupController dbTestConnection JDBC Injection Remote Code Execution Vulnerability

Vulnerability Details: This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Workspace ONE Access. Authentication is required to exploit this vulnerability. The specific flaw exists within ApplicationSetupController class. The issue results from...

7.2CVSS7.7AI score0.02952EPSS
Exploits5
Schneier on Security
Schneier on Security
added 2020/12/18 4:35 p.m.38 views

NSA on Authentication Hacks (Related to SolarWinds Breach)

The NSA has published an advisory outlining how "malicious cyber actors" are "are manipulating trust in federated authentication environments to access protected data in the cloud." This is related to the SolarWinds hack I have previously written about, and represents one of the techniques the SV...

0.8AI score
Exploits0
The Hacker News
The Hacker News
added 2020/12/08 5:44 a.m.7 views

NSA Warns Russian Hacker Exploiting VMware Bug to Breach Corporate Networks

The US National Security Agency NSA on Monday issued an advisory warning that Russian threat actors are leveraging recently disclosed VMware vulnerability to install malware on corporate systems and access protected data. Specifics regarding the identities of the threat actor exploiting the VMwar...

9.1CVSS7.6AI score0.23771EPSS
Exploits0
Wired Threat Level
Wired Threat Level
added 2020/12/07 3:7 p.m.30 views

The NSA Warns That Russia Is Attacking Remote Work Platforms

A vulnerability in VMWare has prompted a warning that companies—and government agencies—need to patch as soon as possible...

3.3AI score
Exploits0
Rows per page
Query Builder