Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
esxi vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2024-22252
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host...
1 Github repository
2 Articles
NA
CVE-2024-22253
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host...
1 Article
NA
CVE-2024-22255
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
1 Article
NA
CVE-2024-22254
VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.
2 Articles
NA
CVE-2023-36628
A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation.
Purestorage Purity\\/\\/fa
NA
CVE-2023-20867
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
Vmware Tools
3 Articles
NA
CVE-2023-29552
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote malicious user to register arbitrary services. This could allow the malicious user to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.
Netapp Smi-s Provider -
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 12
Suse Linux Enterprise Server 15
Suse Manager Server -
Vmware Esxi
Service Location Protocol Project Service Location Protocol -
NA
CVE-2023-20854
VMware Workstation contains an arbitrary file deletion vulnerability. A malicious actor with local user privileges on the victim's machine may exploit this vulnerability to delete arbitrary files from the file system of the machine on which Workstation is installed.
Vmware Workstation 17.0
1 Article
NA
CVE-2022-23816
Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate is unused by its CNA. Notes: none.
1 Article
NA
CVE-2022-31705
VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process run...
Vmware Esxi 7.0
Vmware Workstation
Vmware Esxi 8.0
Vmware Fusion
1 Github repository
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-35977
CVE-2023-49335
man-in-the-middle
CVE-2024-4947
CVE-2024-31714
memory leak
SQL
CVE-2024-35994
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »