10 matches found
CVE-2025-22226
CVE-2025-22226 affects VMware ESXi, Workstation, and Fusion via an out-of-bounds read in HGFS, allowing a VM-guest with local admin rights to leak memory from the vmx host process (information disclosure). Connected sources corroborate three related VMware flaws (CVE-2025-22224, CVE-2025-22225) a...
CVE-2025-22224
CVE-2025-22224 refers to a TOCTOU race condition in VMware ESXi/Workstation that can cause an out-of-bounds write. IBM’s security bulletin ties this to Broadcom VMware ESXi vulnerabilities and details that a local admin within a VM can exploit the vulnerability to run code in the host’s VMX proce...
CVE-2025-22225
CVE-2025-22225 applies to VMware ESXi and involves an arbitrary write vulnerability where a malicious actor with privileges within the VMX process can trigger an arbitrary kernel write, leading to a sandbox escape. CVSS 3.1 base score 8.2 (HIGH) with LOCAL attack vector and HIGH impact on confide...
CVE-2025-41244
CVE-2025-41244 covers a local privilege-escalation in Open VM Tools used with VMware Aria Operations; a non-administrative local user with access to a VM that has VMware Tools (SDMP enabled) can escalate to root within the same VM. Affected component: open-vm-tools bundled with VMware Tools; root...
CVE-2026-22719
CVE-2026-22719 describes a command injection vulnerability in VMware Aria Operations that could allow an unauthenticated attacker to execute arbitrary commands and potentially achieve remote code execution during support‑assisted product migration. Affected product is VMware Aria Operations (8.x ...
CVE-2025-22243
CVE-2025-22243 is a stored XSS vulnerability in VMware NSX Manager UI caused by improper input validation. The issue affects the NSX Manager UI component where an attacker with privileges to create or modify network settings could inject script that executes when a user views the affected page. T...
CVE-2025-22244
CVE-2025-22244 is a stored XSS in VMware NSX gateway firewall caused by improper input validation. Connected advisories confirm multiple NSX components are affected (gateway firewall among others) and provide fixed versions: NSX 4.2.2.1, NSX 4.2.1.4, and NSX 4.1.2.6 (and related NSX-T/Cloud Found...
CVE-2025-22245
VMware NSX contains a stored XSS vulnerability in the router port due to improper input validation (CVE-2025-22245). The issue is addressed by VMware Broadcom VMSA-2025-0012/0012.1, with fixed versions listed for various NSX releases: NSX 4.2.2.1, 4.2.1.4, 4.1.2.6 (and NSX-T 3.2.4.2; higher-level...
CVE-2026-22721
CVE-2026-22721 affects VMware Aria Operations (8.x) prior to 8.18.6. A privileged actor in vCenter who can access Aria Operations can escalate to administrative rights. Remediation is via patches listed in the Fixed Version column of the VMSA-2026-0001 response matrix (Broadcom VMware security ad...
CVE-2026-22720
CVE-2026-22720 affects VMware Aria Operations 8.x prior to 8.18.6, with a stored XSS in custom benchmarks. Remediation is to apply the fixes listed in VMSA-2026-0001 (Aria Operations 8.18.6). Connected sources also note CVE-2026-22719 (command injection) and CVE-2026-22721 (privilege escalation) ...