Lucene search
K

500 matches found

Debian CVE
Debian CVE
added 2025/09/29 4:9 p.m.12 views

CVE-2025-41244

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate...

7.8CVSS8AI score0.0788EPSS
Exploits3
Cvelist
Cvelist
added 2025/09/29 4:9 p.m.19 views

CVE-2025-41244 VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate...

7.8CVSS0.0788EPSS
Exploits3References1
CVE
CVE
added 2025/09/29 4:9 p.m.148 views

CVE-2025-41244

CVE-2025-41244 covers a local privilege-escalation in Open VM Tools used with VMware Aria Operations; a non-administrative local user with access to a VM that has VMware Tools (SDMP enabled) can escalate to root within the same VM. Affected component: open-vm-tools bundled with VMware Tools; root...

7.8CVSS6.8AI score0.0788EPSS
In wildExploits3References6Affected Software6
Cvelist
Cvelist
added 2025/09/29 3:57 p.m.14 views

CVE-2025-41246 Improper authorisation vulnerability

VMware Tools for Windows contains an improper authorisation vulnerability due to the way it handles user access controls. A malicious actor with non-administrative privileges on a guest VM, who is already authenticated through vCenter or ESX may exploit this issue to access other guest VMs...

7.6CVSS0.00266EPSS
Exploits0References1
CVE
CVE
added 2025/09/29 3:57 p.m.45 views

CVE-2025-41246

CVE-2025-41246 affects VMware Tools for Windows. The issue is an improper authorization in how user access controls are handled. A malicious actor with non-administrative privileges on a guest VM, who is already authenticated via vCenter or ESX, may exploit this vulnerability to access other gues...

7.6CVSS6.4AI score0.00266EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/09/29 12:0 a.m.9 views

PT-2025-39835

Name of the Vulnerable Software and Affected Versions VMware Tools for Windows affected versions not specified Description VMware Tools contains an improper authorisation issue related to how it manages user access controls. A malicious actor with non-administrative privileges on a guest virtual...

7.6CVSS6.2AI score0.00266EPSS
Exploits0References16
OSV
OSV
added 2025/09/29 12:0 a.m.4 views

UBUNTU-CVE-2025-41244

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate...

7.8CVSS7.3AI score0.0788EPSS
Exploits3References5
CNNVD
CNNVD
added 2025/09/29 12:0 a.m.11 views

VMware Tools和VMware Aria Operations 安全漏洞

VMware Tools and VMware Aria Operations are both products of VMware, Inc. VMware Tools is an enhancement tool that comes with VMWare virtual machines and is a driver provided by VMware to enhance the performance of virtual graphics cards and hard drives, as well as to synchronize the clocks of th...

7.8CVSS7AI score0.0788EPSS
Exploits3References2
VulnCheck KEV
VulnCheck KEV
added 2025/09/29 12:0 a.m.3 views

VulnCheck KEV: CVE-2025-41244

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate...

7.8CVSS7.3AI score0.0788EPSS
In wildExploits3References6
CNNVD
CNNVD
added 2025/09/29 12:0 a.m.7 views

VMware Tools for Windows 安全漏洞

VMware Tools for Windows is a set of Windows-based, VMWare virtual machine enhancement tools from VMware, which are drivers provided by VMware to enhance the performance of virtual graphics cards and hard disks, as well as to synchronize the clocks of the virtual machine with those of the host. A...

7.6CVSS6.7AI score0.00266EPSS
Exploits0References2
VMware
VMware
added 2025/09/29 12:0 a.m.65 views

VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)

Advisory ID: | VMSA-2025-0015.1 ---|--- Advisory Severity: | Important CVSSv3 Range: | 4.9 -7.8 Synopsis: | VMware Aria Operations and VMware Tools updates address multiple vulnerabilities CVE-2025-41244,CVE-2025-41245, CVE-2025-41246 Issue date: | 2025-09-29 Updated on: | 2025-10-30 CVEs |...

7.8CVSS6.8AI score0.0788EPSS
Exploits3References5
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2025-22247

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to...

6.1CVSS6.4AI score0.00247EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/18 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2023-34058

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges...

7.5CVSS7.2AI score0.00667EPSS
Exploits0References2
Redos
Redos
added 2025/08/13 12:0 a.m.7 views

ROS-20250813-04

VMware Tools suite vulnerability is related to access control flaws. Exploitation of the vulnerability could allow an attacker to escalate privileges...

7.8CVSS7.5AI score0.0054EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/11 12:0 a.m.16 views

VMware Tools 11.x / 12.x < 12.5.3 / 13.x < 13.0.1.0 vSockets Information Disclosure (VMSA-2025-0013)

The version of VMware Tools installed on the remote Windows host is 11.x, 12.x prior to 12.5.3, or 13.x prior to 13.0.1.0. It is, therefore, affected by an information disclosure vulnerbility: - VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability du...

7.1CVSS5.5AI score0.02154EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2025/07/15 12:0 a.m.11 views

PT-2025-29587

Name of the Vulnerable Software and Affected Versions: VMware ESXi VMware Workstation VMware Fusion VMware Tools Description: The software contains an information disclosure issue due to the use of uninitialized memory in vSockets. A malicious actor with local administrative privileges on a virtu...

7.1CVSS5.6AI score0.02154EPSS
Exploits0References16
CNNVD
CNNVD
added 2025/07/15 12:0 a.m.8 views

VMware多款产品 安全漏洞

VMware ESXi is a server virtualization platform that can be installed directly on physical servers, VMware Workstation is a suite of virtual machine software, and VMware Fusion is a suite of virtual machine software specifically designed to run Windows applications on Macs. VMware Fusion is a sui...

7.1CVSS5.9AI score0.02154EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.7 views

TencentOS Server 2: open-vm-tools (TSSA-2023:0123)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0123 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

3.9CVSS6.2AI score0.13638EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.9 views

TencentOS Server 2: open-vm-tools (TSSA-2023:0276)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2023:0276 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...

7.5CVSS6.5AI score0.00667EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.5 views

TencentOS Server 3: open-vm-tools (TSSA-2023:0197)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0197 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

3.9CVSS6.2AI score0.13638EPSS
Exploits0References2
Rows per page
Query Builder