Lucene search
K

13052 matches found

Vulnrichment
Vulnrichment
added 2026/02/26 6:35 p.m.4 views

CVE-2026-22722 VMware Workstation for Windows null pointer dereference may allow an authenticated user to trigger a crash

A malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error. To Remediate CVE-2026-22722, apply the patches listed in the "Fixed version" column of the 'Response Matrix'...

6.1CVSS5.9AI score0.00148EPSS
Exploits0References1
CVE
CVE
added 2026/02/26 6:35 p.m.32 views

CVE-2026-22722

VMware Workstation for Windows is affected by CVE-2026-22722: a null pointer dereference can be triggered by an authenticated user with local access on Windows hosts. The issue affects VMware Workstation 17.x and 25H2 (before the patch 25H2u1). The root cause is a NULL pointer dereference vulnera...

6.1CVSS5.3AI score0.00148EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/02/26 6:29 p.m.24 views

CVE-2026-22715 VMware Workstation/Fusion NAT vulnerability

VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715...

5.9CVSS0.00203EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2026/02/26 6:29 p.m.4 views

CVE-2026-22715

VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715...

5.9CVSS5.8AI score0.00203EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2026/02/26 6:29 p.m.7 views

CVE-2026-22715 VMware Workstation/Fusion NAT vulnerability

VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715...

5.9CVSS5.9AI score0.00203EPSS
Exploits0References1
CVE
CVE
added 2026/02/26 6:29 p.m.41 views

CVE-2026-22715

Summary of CVE-2026-22715 : VMware Workstation and Fusion have a logic flaw in the management of network packets. A malicious actor with administrative privileges on a guest VM may interrupt or intercept network connections of other guest VMs. Affected products/versions in provided documents incl...

5.9CVSS5.3AI score0.00203EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.5 views

PT-2026-22148

Name of the Vulnerable Software and Affected Versions Windows Workstation affected versions not specified Description A user with authenticated access on a Windows based Workstation host may cause a null pointer dereference error. Recommendations At the moment, there is no information about a new...

6.1CVSS5.9AI score0.00148EPSS
Exploits0References6
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.8 views

VMware Workstation 安全漏洞

VMware Workstation is a virtual machine software developed by the American company VMware. This software allows for the creation of virtual machines that can run multiple different operating systems simultaneously. VMware Workstation has a security vulnerability that can lead to a null pointer...

6.1CVSS5.8AI score0.00148EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.5 views

PT-2026-22146

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 25H1 and below Description A flaw exists in VMware Workstation that could allow a user with limited access within a guest virtual machine to disrupt the host system. Specifically, an out-of-bounds write issue can le...

5CVSS5.9AI score0.00156EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.4 views

PT-2026-22147

Name of the Vulnerable Software and Affected Versions VMware Workstation versions 25H1 and below Description An out-of-bound read issue exists in VMware Workstation. An attacker with non-administrative privileges on a guest virtual machine can potentially obtain limited information disclosure fro...

2.7CVSS6AI score0.00167EPSS
Exploits0References4
CNNVD
CNNVD
added 2026/02/26 12:0 a.m.11 views

VMware Workstation和VMware Fusion 安全漏洞

VMware Workstation and VMware Fusion are both products of the American company VMware. VMware Workstation is a virtual machine software that allows for the running of multiple different operating systems within a single virtual machine. VMware Fusion, on the other hand, is a virtual machine...

5.9CVSS5.8AI score0.00203EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/02/26 12:0 a.m.9 views

PT-2026-22145

Name of the Vulnerable Software and Affected Versions VMware Workstation and Fusion versions prior to 25H2U1 Description VMware Workstation and Fusion have a flaw in how network packets are managed. A malicious actor with administrative privileges on a Guest VM may be able to interrupt or interce...

5.9CVSS6AI score0.00203EPSS
Exploits0References5
EUVD
EUVD
added 2026/02/25 9:31 p.m.5 views

EUVD-2026-8708

VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. To remediate...

8.1CVSS6.7AI score0.17424EPSS
Exploits0References4
EUVD
EUVD
added 2026/02/25 9:31 p.m.4 views

EUVD-2026-8725

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fix...

6.2CVSS5.4AI score0.00686EPSS
Exploits0References3
EUVD
EUVD
added 2026/02/25 9:31 p.m.13 views

EUVD-2026-8709

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed...

8CVSS5AI score0.00411EPSS
Exploits0References3
NVD
NVD
added 2026/02/25 9:16 p.m.6 views

CVE-2026-22721

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fix...

7.2CVSS0.00686EPSS
Exploits0References2
OSV
OSV
added 2026/02/25 9:16 p.m.4 views

CVE-2026-22721

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fix...

7.2CVSS5.8AI score0.00686EPSS
Exploits0References2
NVD
NVD
added 2026/02/25 8:23 p.m.6 views

CVE-2026-22720

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed...

9CVSS0.00411EPSS
Exploits0References2
OSV
OSV
added 2026/02/25 8:23 p.m.4 views

CVE-2026-22720

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed...

9CVSS5.6AI score0.00411EPSS
Exploits0References2
NVD
NVD
added 2026/02/25 8:23 p.m.8 views

CVE-2026-22719

VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. To remediate...

8.1CVSS0.17424EPSS
Exploits0References4
Rows per page
Query Builder