Lucene search
K

13053 matches found

Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.7 views

PT-2026-1167

CVE-2025-22201 - VMware vCenter Server Remote Code Execution CVE ID : CVE-2025-22201 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0.0 | NA...

7.3AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/01/01 12:0 a.m.9 views

PT-2026-20427

Name of the Vulnerable Software and Affected Versions Linux kernel affected versions not specified Description The Linux kernel contains a flaw related to hypercall clobbers within the x86/vmware component. Specifically, the QEMU VMware mouse emulation incorrectly clears the upper 32 bits of the...

5.5CVSS5.8AI score0.00112EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/12/31 12:0 a.m.2 views

Unity Linux 20.1060a / 20.1070a Security Update: kernel (UTSA-2025-993051)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-993051 advisory. In the Linux kernel, the following vulnerability has been resolved: misc/vmwvmci: fix an infoleak in vmcihostdoreceivedatagram struct vmcieventqp allocated by...

5.5CVSS6.2AI score0.0018EPSS
Exploits0References4
Positive Technologies
Positive Technologies
added 2025/12/24 12:0 a.m.7 views

PT-2025-53424

CVE-2025-68691 - VMware Server Privilege Escalation Vulnerability CVE ID : CVE-2025-68691 Published : Dec. 24, 2025, 4:15 a.m. | 50 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7AI score
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/12/23 12:0 a.m.4 views

PT-2025-52876

CVE-2025-68652 - VMware SSH Command Injection CVE ID : CVE-2025-68652 Published : Dec. 23, 2025, 4:15 a.m. | 2 hours, 43 minutes ago Description : Rejected reason: Not used Severity: 0.0 | NA Visit the link for more details, such as CVSS details, affected products, timeline, and more...

7.1AI score
Exploits0References1
EUVD
EUVD
added 2025/12/16 3:30 p.m.4 views

EUVD-2025-203648

In the Linux kernel, the following vulnerability has been resolved: vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively...

5.9AI score0.00158EPSS
Exploits0References3
UbuntuCve
UbuntuCve
added 2025/12/16 3:15 p.m.6 views

CVE-2025-68248

In the Linux kernel, the following vulnerability has been resolved: vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively...

5.7AI score0.00158EPSS
Exploits0References9
Cvelist
Cvelist
added 2025/12/16 2:32 p.m.21 views

CVE-2025-68248 vmw_balloon: indicate success when effectively deflating during migration

In the Linux kernel, the following vulnerability has been resolved: vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively...

0.00158EPSS
Exploits0References2
CVE
CVE
added 2025/12/16 2:32 p.m.11 views

CVE-2025-68248

CVE-2025-68248 – summary : In the Linux kernel, a balloon-page migration flow (vmw_balloon) could incorrectly reflect success when deflating the old page during migration if inflating the new page succeeded. This could leave the old page marked isolated and lead to a WARN_ON_ONCE() at balloon_pag...

6.1AI score0.00158EPSS
Exploits0References2
OSV
OSV
added 2025/12/16 2:32 p.m.8 views

CVE-2025-68248 vmw_balloon: indicate success when effectively deflating during migration

In the Linux kernel, the following vulnerability has been resolved: vmwballoon: indicate success when effectively deflating during migration When migrating a balloon page, we first deflate the old page to then inflate the new page. However, if inflating the new page succeeded, we effectively...

6.3AI score0.00158EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2025/12/10 12:38 a.m.4 views

SUSE CVE-2022-50667

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...

5.5CVSS6.4AI score0.002EPSS
Exploits0References5
EUVD
EUVD
added 2025/12/09 6:30 p.m.7 views

EUVD-2022-55738

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...

5.9AI score0.002EPSS
Exploits0References5
NVD
NVD
added 2025/12/09 4:17 p.m.4 views

CVE-2022-50667

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...

0.002EPSS
Exploits0References4
OSV
OSV
added 2025/12/09 4:17 p.m.3 views

DEBIAN-CVE-2022-50667

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...

5.1AI score0.002EPSS
Exploits0References1
Debian CVE
Debian CVE
added 2025/12/09 1:29 a.m.4 views

CVE-2022-50667

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix memory leak in vmwmksstataddioctl If the copy of the description string from userspace fails, then the page for the instance descriptor doesn't get freed before returning -EFAULT, which leads to a memleak...

5.1AI score0.002EPSS
Exploits0
Microsoft CVE
Microsoft CVE
added 2025/12/08 9:1 a.m.4 views

drm/vmwgfx: Validate command header size against SVGA_CMD_MAX_DATASIZE

...

7.3CVSS7AI score0.00335EPSS
Exploits0
CVE
CVE
added 2025/12/06 9:51 p.m.84 views

CVE-2025-40277

Mode C: Vulnerability: CVE-2025-40277 affects the Linux kernel, specifically drm/vmwgfx. Root cause: insufficient validation of the command header size against SVGA_CMD_MAX_DATASIZE, allowing an input originating from userspace to influence buffer offset calculations and potentially cause an out-...

6.6AI score0.00335EPSS
Exploits0References8
HackRead
HackRead
added 2025/12/06 1:2 p.m.9 views

Chinese State Hackers Use New BRICKSTORM Malware Against VMware Systems

CISA, NSA, and Canadian Cyber Centre warn that PRC state-sponsored hackers are using BRICKSTORM, a stealthy Go-based backdoor, for long-term espionage in Government and IT networks...

7AI score
Exploits0
CNNVD
CNNVD
added 2025/12/06 12:0 a.m.3 views

Linux kernel 安全漏洞

Linux kernel is the kernel used by Linux, the open source operating system of the Linux Foundation in the United States. A security vulnerability exists in the Linux kernel that stems from drm vmwgfx not validating command header sizes, which could result in a buffer overflow...

6.5AI score0.00335EPSS
Exploits0References11
The Hacker News
The Hacker News
added 2025/12/05 8:14 a.m.18 views

CISA Reports PRC Hackers Using BRICKSTORM for Long-Term Access in U.S. Systems

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday released details of a backdoor named BRICKSTORM that has been put to use by state-sponsored threat actors from the People's Republic of China PRC to maintain long-term persistence on compromised systems. "BRICKSTORM is a...

9.8CVSS10AI score0.99999EPSS
Exploits52
Rows per page
Query Builder