13 matches found
CVE-2022-31693
VMware Tools for Windows 12.x.y prior to 12.1.5, 11.x.y and 10.x.y contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a...
EUVD-2010-1172
Malware in sbrugna...
EUVD-2022-53288
Malicious code in bioql PyPI...
EUVD-2022-28068
Malicious code in bioql PyPI...
CVE-2022-22943
VMware Tools for Windows 11.x.y and 10.x.y prior to 12.0.0 contains an uncontrolled search path vulnerability. A malicious actor with local administrative privileges in the Windows guest OS, where VMware Tools is installed, may be able to execute code with system privileges in the Windows guest O...
CVE-2022-31693
VMware Tools for Windows 12.x.y prior to 12.1.5, 11.x.y and 10.x.y contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a...
CVE-2022-31693
VMware Tools for Windows 12.x.y prior to 12.1.5, 11.x.y and 10.x.y contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest OS, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a...
VMware ESX Multiple Vulnerabilities (VMSA-2010-0007) (remote check)
The remote VMware ESX host is missing a security-related patch. It is, therefore, affected by multiple vulnerabilities : - A format string flaw exists in the VMware Remote Console that allows a remote attacker to execute arbitrary code. CVE-2009-3732 - A flaw exists in VMware Tools due to imprope...
Design/Logic Flaw
lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs ...
CVE-2013-3519
lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs ...
VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues
a. VMware Tools Display Driver Privilege Escalation The VMware XPDM and WDDM display drivers contain buffer overflow vulnerabilities and the XPDM display driver does not properly check for NULL pointers. Exploitation of these issues may lead to local privilege escalation on Windows-based Guest...
Code injection
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5,...
VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
a. Windows-based VMware Tools Unsafe Library Loading vulnerability A vulnerability in the way VMware libraries are referenced allows for arbitrary code execution in the context of the logged on user. This vulnerability is present only on Windows Guest Operating Systems. In order for an attacker t...