13052 matches found
CVE-2026-22722 VMware Workstation for Windows null pointer dereference may allow an authenticated user to trigger a crash
A malicious actor with authenticated user privileges on a Windows based Workstation host may be able to cause a null pointer dereference error. To Remediate CVE-2026-22722, apply the patches listed in the "Fixed version" column of the 'Response Matrix'...
CVE-2026-22722
VMware Workstation for Windows is affected by CVE-2026-22722: a null pointer dereference can be triggered by an authenticated user with local access on Windows hosts. The issue affects VMware Workstation 17.x and 25H2 (before the patch 25H2u1). The root cause is a NULL pointer dereference vulnera...
CVE-2026-22715 VMware Workstation/Fusion NAT vulnerability
VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715...
CVE-2026-22715
VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715...
CVE-2026-22715 VMware Workstation/Fusion NAT vulnerability
VMWare Workstation and Fusion contain a logic flaw in the management of network packets. Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt or intercept network connections of other Guest VM's. Resolution: To remediate CVE-2026-22715...
CVE-2026-22715
Summary of CVE-2026-22715 : VMware Workstation and Fusion have a logic flaw in the management of network packets. A malicious actor with administrative privileges on a guest VM may interrupt or intercept network connections of other guest VMs. Affected products/versions in provided documents incl...
PT-2026-22148
Name of the Vulnerable Software and Affected Versions Windows Workstation affected versions not specified Description A user with authenticated access on a Windows based Workstation host may cause a null pointer dereference error. Recommendations At the moment, there is no information about a new...
VMware Workstation 安全漏洞
VMware Workstation is a virtual machine software developed by the American company VMware. This software allows for the creation of virtual machines that can run multiple different operating systems simultaneously. VMware Workstation has a security vulnerability that can lead to a null pointer...
PT-2026-22146
Name of the Vulnerable Software and Affected Versions VMware Workstation versions 25H1 and below Description A flaw exists in VMware Workstation that could allow a user with limited access within a guest virtual machine to disrupt the host system. Specifically, an out-of-bounds write issue can le...
PT-2026-22147
Name of the Vulnerable Software and Affected Versions VMware Workstation versions 25H1 and below Description An out-of-bound read issue exists in VMware Workstation. An attacker with non-administrative privileges on a guest virtual machine can potentially obtain limited information disclosure fro...
VMware Workstation和VMware Fusion 安全漏洞
VMware Workstation and VMware Fusion are both products of the American company VMware. VMware Workstation is a virtual machine software that allows for the running of multiple different operating systems within a single virtual machine. VMware Fusion, on the other hand, is a virtual machine...
PT-2026-22145
Name of the Vulnerable Software and Affected Versions VMware Workstation and Fusion versions prior to 25H2U1 Description VMware Workstation and Fusion have a flaw in how network packets are managed. A malicious actor with administrative privileges on a Guest VM may be able to interrupt or interce...
EUVD-2026-8708
VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. To remediate...
EUVD-2026-8725
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fix...
EUVD-2026-8709
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed...
CVE-2026-22721
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fix...
CVE-2026-22721
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fix...
CVE-2026-22720
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed...
CVE-2026-22720
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations. To remediate CVE-2026-22720, apply the patches listed in the 'Fixed...
CVE-2026-22719
VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress. To remediate...