13053 matches found
PT-2026-1167
CVE-2025-22201 - VMware vCenter Server Remote Code Execution CVE ID : CVE-2025-22201 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0.0 | NA...
PT-2026-20427
Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to hypercall clobbers within the x86/vmware component. Specifically, the QEMU VMware mouse emulation incorrectly clears the upper 32 bits of the...
Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993051)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993051 advisory. In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by...
PT-2025-53424
CVE-2025-68691 - VMware Server Privilege Escalation Vulnerability CVE ID : CVE-2025-68691 Published : Dec. 24, 2025, 4:15 a.m. | 50 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
PT-2025-52876
CVE-2025-68652 - VMware SSH Command Injection CVE ID : CVE-2025-68652 Published : Dec. 23, 2025, 4:15 a.m. | 2 hours, 43 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...
EUVD-2025-203648
In the Linux kernel, the following vulnerability has been resolved: vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively...
CVE-2025-68248
In the Linux kernel, the following vulnerability has been resolved: vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively...
CVE-2025-68248 vmw_balloon: indicate success when effectively deflating during migration
In the Linux kernel, the following vulnerability has been resolved: vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively...
CVE-2025-68248
CVE-2025-68248 – summary : In the Linux kernel, a balloon-page migration flow (vmw_balloon) could incorrectly reflect success when deflating the old page during migration if inflating the new page succeeded. This could leave the old page marked isolated and lead to a WARN_ON_ONCE() at balloon_pag...
CVE-2025-68248 vmw_balloon: indicate success when effectively deflating during migration
In the Linux kernel, the following vulnerability has been resolved: vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively...
SUSE CVE-2022-50667
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
EUVD-2022-55738
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
CVE-2022-50667
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
DEBIAN-CVE-2022-50667
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
CVE-2022-50667
In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...
drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE
...
CVE-2025-40277
Mode C: Vulnerability: CVE-2025-40277 affects the Linux kernel, specifically drm/vmwgfx. Root cause: insufficient validation of the command header size against SVGA_CMD_MAX_DATASIZE, allowing an input originating from userspace to influence buffer offset calculations and potentially cause an out-...
Chinese State Hackers Use New BRICKSTORM Malware Against VMware Systems
CISA, NSA, and Canadian Cyber Centre warn that PRC state-sponsored hackers are using BRICKSTORM, a stealthy Go-based backdoor, for long-term espionage in Government and IT networks...
Linux kernel 安全漏洞
Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from drm vmwgfx not validating command header sizes, which could result in a buffer overflow...
CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems
The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's Republic of China PRC to maintain long-term persistence on compromised systems. "BRICKSTORM is a...