Lucene search
K

13053 matches found

CISA
CISA
added 2025/12/04 12:0 p.m.16 views

PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems

The Cybersecurity and Infrastructure Security Agency CISA is aware of ongoing intrusions by People’s Republic of China PRC state-sponsored cyber actors using BRICKSTORM malware for long-term persistence on victim systems. BRICKSTORM is a sophisticated backdoor for VMware vSphere1,2 and Windows...

6.6AI score
Exploits0References10
IBM Security Bulletins
IBM Security Bulletins
added 2025/11/27 11:46 a.m.7 views

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK affect VMware Agent from IBM Tivoli Monitoring for Virtual Environments.

Summary IBM java SDK is used by VMware Agent from IBM Tivoli Monitoring for Virtual Environments. Vulnerability Details CVEID:CVE-2025-53066 DESCRIPTION: An unspecified vulnerability in Java SE related to the JAXP component could allow a remote attacker to cause high confidentiality impact, no...

7.5CVSS6.3AI score0.00633EPSS
Exploits0Affected Software1
Akamai Blog
Akamai Blog
added 2025/11/25 2:0 p.m.3 views

Beyond NSX: A Strategic Alternative for VMware Customers

Broadcom’s VMware acquisition has driven up costs and complexity. Akamai Guardicore Segmentation offers a modern, secure, and cost-efficient path beyond NSX...

7AI score
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/11/20 12:0 a.m.6 views

TencentOS Server 4: open-vm-tools (TSSA-2025:0401)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0401 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

6.1CVSS6.5AI score0.00249EPSS
Exploits0References2
Ubuntu
Ubuntu
added 2025/11/19 9:1 p.m.5 views

USN-7875-1: Linux kernel (Oracle) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

9.1CVSS7.5AI score0.01367EPSS
Exploits8
OSV
OSV
added 2025/11/19 9:1 p.m.8 views

USN-7875-1 linux-oracle vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

9.1CVSS6.4AI score0.01367EPSS
Exploits8References29
Microsoft CVE
Microsoft CVE
added 2025/11/13 9:1 a.m.3 views

drm/vmwgfx: Fix Use-after-free in validation

...

4.7CVSS7AI score0.00171EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2025/11/13 12:24 a.m.3 views

SUSE CVE-2025-40111

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix Use-after-free in validation Nodes stored in the validation duplicates hashtable come from an arena allocator that is cleared at the end of vmwexecbufprocess. All nodes are expected to be cleared in...

4.7CVSS6.5AI score0.00171EPSS
Exploits0References20
Cvelist
Cvelist
added 2025/11/12 1:7 a.m.5 views

CVE-2025-40111 drm/vmwgfx: Fix Use-after-free in validation

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix Use-after-free in validation Nodes stored in the validation duplicates hashtable come from an arena allocator that is cleared at the end of vmwexecbufprocess. All nodes are expected to be cleared in...

0.00171EPSS
Exploits0References8
CVE
CVE
added 2025/11/12 1:7 a.m.37 views

CVE-2025-40110

The CVE-2025-40110 entry concerns the Linux kernel: for the DRM/vmwgfx component, a null-pointer dereference in the cursor snooper was fixed. The patch adds a validation that the actual surface resource exists before using the cursor snooper, addressing a scenario where SVGA3D_INVALID_ID could be...

6.1AI score0.00167EPSS
Exploits0References7
Lenovo
Lenovo
added 2025/11/11 2:31 p.m.4 views

ESXi RDMA driver for Intel 800 Series Ethernet Advisory - Lenovo Support US

No description provided...

6.9AI score
Exploits0
OSV
OSV
added 2025/11/10 12:6 p.m.8 views

USN-7865-1 linux-fips vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS6.8AI score0.01345EPSS
Exploits8References23
Ubuntu
Ubuntu
added 2025/11/10 12:6 p.m.6 views

USN-7865-1: Linux kernel (FIPS) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS7.5AI score0.01345EPSS
Exploits8
OSV
OSV
added 2025/11/07 9:19 a.m.6 views

USN-7795-5 linux-raspi-5.4 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network file system NFS server daemon; - Packet sockets; - Network traffic control; - VMware...

7.8CVSS6.7AI score0.00288EPSS
Exploits0References6
Ubuntu
Ubuntu
added 2025/11/07 9:19 a.m.4 views

USN-7795-5: Linux kernel (Raspberry Pi) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network file system NFS server daemon; - Packet sockets; - Network traffic control; - VMware...

7.8CVSS7.1AI score0.00288EPSS
Exploits0
The Hacker News
The Hacker News
added 2025/10/31 7:9 a.m.14 views

CISA Flags VMware Zero-Day Exploited by China-Linked Hackers in Active Attacks

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Thursday added a high-severity security flaw impacting Broadcom VMware Tools and VMware Aria Operations to its Known Exploited Vulnerabilities KEV catalog, following reports of active exploitation in the wild. The vulnerability in...

7.8CVSS8.5AI score0.0788EPSS
Exploits3
OSV
OSV
added 2025/10/30 7:48 p.m.8 views

USN-7854-1 linux-kvm vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS6.8AI score0.01345EPSS
Exploits8References19
Ubuntu
Ubuntu
added 2025/10/30 7:48 p.m.8 views

USN-7854-1: Linux kernel (KVM) vulnerabilities

Jean-Claude Graf, Sandro Rüegge, Ali Hajiabadi, and Kaveh Razavi discovered that the Linux kernel contained insufficient branch predictor isolation between a guest and a userspace hypervisor for certain processors. This flaw is known as VMSCAPE. An attacker in a guest VM could possibly use this t...

7.8CVSS7.5AI score0.01345EPSS
Exploits8
CISA
CISA
added 2025/10/30 12:0 p.m.15 views

CISA Adds Two Known Exploited Vulnerabilities to Catalog

CISA has added two new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2025-24893link is external XWiki Platform Eval Injection Vulnerability CVE-2025-41244link is external Broadcom VMware Aria Operations and VMware Tools Privilege...

9.8CVSS7.2AI score0.99898EPSS
In wildExploits53References7
NVD
NVD
added 2025/10/30 10:15 a.m.12 views

CVE-2025-40104

In the Linux kernel, the following vulnerability has been resolved: ixgbevf: fix mailbox API compatibility by negotiating supported features There was backward compatibility in the terms of mailbox API. Various drivers from various OSes supporting 10G adapters from Intel portfolio could easily...

0.00183EPSS
Exploits0References5
Rows per page
Query Builder