Vulnerabilites related to VMware - ESXi
CVE-2017-4940 (GCVE-0-2017-4940)
Vulnerability from cvelistv5
Published
2017-12-20 15:00
Modified
2024-09-17 03:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Stored cross-site scripting vulnerability
Summary
The ESXi Host Client in VMware ESXi (6.5 before ESXi650-201712103-SG, 5.5 before ESXi600-201711103-SG and 5.5 before ESXi550-201709102-SG) contains a vulnerability that may allow for stored cross-site scripting (XSS). An attacker can exploit this vulnerability by injecting Javascript, which might get executed when other users access the Host Client.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:47:43.217Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"
},
{
"name": "1040024",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.5 before ESXi650-201712103-SG"
},
{
"status": "affected",
"version": "6.0 before ESXi600-201711103-SG"
},
{
"status": "affected",
"version": "5.5 before ESXi550-201709102-SG)"
}
]
}
],
"datePublic": "2017-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The ESXi Host Client in VMware ESXi (6.5 before ESXi650-201712103-SG, 5.5 before ESXi600-201711103-SG and 5.5 before ESXi550-201709102-SG) contains a vulnerability that may allow for stored cross-site scripting (XSS). An attacker can exploit this vulnerability by injecting Javascript, which might get executed when other users access the Host Client."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored cross-site scripting vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-21T10:57:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"
},
{
"name": "1040024",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040024"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"DATE_PUBLIC": "2017-12-19T00:00:00",
"ID": "CVE-2017-4940",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.5 before ESXi650-201712103-SG"
},
{
"version_value": "6.0 before ESXi600-201711103-SG"
},
{
"version_value": "5.5 before ESXi550-201709102-SG)"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The ESXi Host Client in VMware ESXi (6.5 before ESXi650-201712103-SG, 5.5 before ESXi600-201711103-SG and 5.5 before ESXi550-201709102-SG) contains a vulnerability that may allow for stored cross-site scripting (XSS). An attacker can exploit this vulnerability by injecting Javascript, which might get executed when other users access the Host Client."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored cross-site scripting vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"
},
{
"name": "1040024",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040024"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2017-4940",
"datePublished": "2017-12-20T15:00:00Z",
"dateReserved": "2016-12-26T00:00:00",
"dateUpdated": "2024-09-17T03:02:37.214Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41236 (GCVE-0-2025-41236)
Vulnerability from cvelistv5
Published
2025-07-15 18:34
Modified
2025-07-16 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | ESXi |
Version: 8.0 < ESXi80U3f-24784735 Version: 8.0 < ESXi80U2e-24789317 Version: 7.0 < ESXi70U3w-24784741 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41236",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T03:55:58.257Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"lessThan": "ESXi80U3f-24784735",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U2e-24789317",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3w-24784741",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud Foundation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.5.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "17.6.4",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"lessThanOrEqual": "13.6.4",
"status": "affected",
"version": "13.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Platform",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.x, 3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Infrastructure",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "3.x, 2.x"
}
]
}
],
"datePublic": "2025-07-15T03:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter.\u00a0A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the host. Non VMXNET3 virtual adapters are not affected by this issue."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T18:34:12.719Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMXNET3 integer-overflow vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-41236",
"datePublished": "2025-07-15T18:34:12.719Z",
"dateReserved": "2025-04-16T09:30:17.798Z",
"dateUpdated": "2025-07-16T03:55:58.257Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41226 (GCVE-0-2025-41226)
Vulnerability from cvelistv5
Published
2025-05-20 14:24
Modified
2025-06-24 07:12
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Summary
VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | ESXi |
Version: 8.0 < ESXi80U3se-24659227 Version: 7.0 < ESXi70U3sv-24723868 |
||||||||||||||||
|
|||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41226",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T16:03:58.461704Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:05:04.910Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"lessThan": "ESXi80U3se-24659227",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3sv-24723868",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud Foundation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.5.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Platform",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.x, 3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Infrastructure",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "3.x, 2.x"
}
]
}
],
"datePublic": "2025-05-20T11:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "VMware\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eESXi contains a denial-of-service vulnerability that occurs when performing a guest operation.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled.\u003c/span\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware\u00a0ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation.\u00a0A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-24T07:12:21.964Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Guest Operations Denial-of-Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-41226",
"datePublished": "2025-05-20T14:24:24.680Z",
"dateReserved": "2025-04-16T09:29:46.972Z",
"dateUpdated": "2025-06-24T07:12:21.964Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-22224 (GCVE-0-2025-22224)
Vulnerability from cvelistv5
Published
2025-03-04 11:56
Modified
2025-10-21 22:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap-overflow vulnerability
Summary
VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | ESXi |
Version: 8.0 < ESXi80U3d-24585383 Version: 8.0 < ESXi80U2d-24585300 Version: 7.0 < ESXi70U3s-24585291 |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-22224",
"options": [
{
"Exploitation": "active"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-05T04:55:22.499570Z",
"version": "2.0.3"
},
"type": "ssvc"
}
},
{
"other": {
"content": {
"dateAdded": "2025-03-04",
"reference": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22224"
},
"type": "kev"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-367",
"description": "CWE-367 Time-of-check Time-of-use (TOCTOU) Race Condition",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-21T22:55:28.319Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"references": [
{
"tags": [
"government-resource"
],
"url": "https://www.cisa.gov/known-exploited-vulnerabilities-catalog?field_cve=CVE-2025-22224"
}
],
"timeline": [
{
"lang": "en",
"time": "2025-03-04T00:00:00+00:00",
"value": "CVE-2025-22224 added to CISA KEV"
}
],
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"lessThan": "ESXi80U3d-24585383",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U2d-24585300",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3s-24585291",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows",
"Linux"
],
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "17.6.3",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "VMware Cloud Foundation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.5.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Platform",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.x, 3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Infrastructure",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "3.x, 2.x"
}
]
}
],
"datePublic": "2025-03-04T11:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, and Workstation\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write.\u0026nbsp;\u003c/span\u003eA malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi, and Workstation\u00a0contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap-overflow vulnerability",
"lang": "en"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-03T14:39:46.987Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25390"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-22224",
"datePublished": "2025-03-04T11:56:12.317Z",
"dateReserved": "2025-01-02T04:29:30.445Z",
"dateUpdated": "2025-10-21T22:55:28.319Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41238 (GCVE-0-2025-41238)
Vulnerability from cvelistv5
Published
2025-07-15 18:34
Modified
2025-07-16 03:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | ESXi |
Version: 8.0 < ESXi80U3f-24784735 Version: 8.0 < ESXi80U2e-24789317 Version: 7.0 < ESXi70U3w-24784741 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41238",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T03:56:00.818Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"lessThan": "ESXi80U3f-24784735",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U2e-24789317",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3w-24784741",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud Foundation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.5.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "17.6.4",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"lessThan": "13.6.4",
"status": "affected",
"version": "13.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Platform",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.x, 3.x, 2.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Infrastructure",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "3.x, 2.x"
}
]
}
],
"datePublic": "2025-07-15T03:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox and exploitable only with configurations that are unsupported. On Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T18:34:48.818Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "PVSCSI heap-overflow vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-41238",
"datePublished": "2025-07-15T18:34:48.818Z",
"dateReserved": "2025-04-16T09:30:17.798Z",
"dateUpdated": "2025-07-16T03:56:00.818Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41239 (GCVE-0-2025-41239)
Vulnerability from cvelistv5
Published
2025-07-15 18:35
Modified
2025-07-15 18:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-908 - Use of Uninitialized Resource
Summary
VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | ESXi |
Version: 8.0 < ESXi80U3f-24784735 Version: 8.0 < ESXi80U2e-24789317 Version: 7.0 < ESXi70U3w-24784741 |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41239",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-15T18:51:16.482481Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T18:51:58.342Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"lessThan": "ESXi80U3f-24784735",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U2e-24789317",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3w-24784741",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud Foundation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.5.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "17.6.4",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"lessThan": "13.6.4",
"status": "affected",
"version": "13.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Platform",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.x, 3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Infrastructure",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Tools",
"vendor": "VMware",
"versions": [
{
"lessThan": "13.0.1.0",
"status": "affected",
"version": "13.x.x",
"versionType": "custom"
},
{
"lessThan": "12.5.3",
"status": "affected",
"version": "12.x.x, 11.x.x,",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-07-15T03:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\u0026nbsp;\u003c/span\u003eA malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets.\u00a0A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to leak memory from processes communicating with vSockets."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "NONE",
"baseScore": 7.1,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-908",
"description": "CWE-908 Use of Uninitialized Resource",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T18:35:03.747Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "vSockets information-disclosure vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-41239",
"datePublished": "2025-07-15T18:35:03.747Z",
"dateReserved": "2025-04-16T09:30:17.798Z",
"dateUpdated": "2025-07-15T18:51:58.342Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5520 (GCVE-0-2019-5520)
Vulnerability from cvelistv5
Published
2019-04-15 17:12
Modified
2024-08-04 20:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read vulnerability
Summary
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds read vulnerability. Exploitation of this issue requires an attacker to have access to a virtual machine with 3D graphics enabled. Successful exploitation of this issue may lead to information disclosure.The workaround for this issue involves disabling the 3D-acceleration feature. This feature is not enabled by default on ESXi and is enabled by default on Workstation and Fusion.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:51.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0006.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-369/"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.7 before ESXi670-201904101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-201903001"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.0.3"
},
{
"status": "affected",
"version": "14.x before 14.1.6"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.0.3"
},
{
"status": "affected",
"version": "10.x before 10.1.6"
}
]
}
],
"datePublic": "2019-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds read vulnerability. Exploitation of this issue requires an attacker to have access to a virtual machine with 3D graphics enabled. Successful exploitation of this issue may lead to information disclosure.The workaround for this issue involves disabling the 3D-acceleration feature. This feature is not enabled by default on ESXi and is enabled by default on Workstation and Fusion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-17T15:06:05",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0006.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-369/"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2019-5520",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.7 before ESXi670-201904101-SG"
},
{
"version_value": "6.5 before ESXi650-201903001"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.0.3"
},
{
"version_value": "14.x before 14.1.6"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.0.3"
},
{
"version_value": "10.x before 10.1.6"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds read vulnerability. Exploitation of this issue requires an attacker to have access to a virtual machine with 3D graphics enabled. Successful exploitation of this issue may lead to information disclosure.The workaround for this issue involves disabling the 3D-acceleration feature. This feature is not enabled by default on ESXi and is enabled by default on Workstation and Fusion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2019-0006.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0006.html"
},
{
"name": "https://www.zerodayinitiative.com/advisories/ZDI-19-369/",
"refsource": "MISC",
"url": "https://www.zerodayinitiative.com/advisories/ZDI-19-369/"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2019-5520",
"datePublished": "2019-04-15T17:12:06",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-08-04T20:01:51.278Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5517 (GCVE-0-2019-5517)
Vulnerability from cvelistv5
Published
2019-04-15 17:20
Modified
2024-08-04 20:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Multiple Out-of-bounds read vulnerabilities
Summary
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain multiple out-of-bounds read vulnerabilities in the shader translator. Exploitation of these issues requires an attacker to have access to a virtual machine with 3D graphics enabled. Successful exploitation of these issues may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. The workaround for these issues involves disabling the 3D-acceleration feature. This feature is not enabled by default on ESXi and is enabled by default on Workstation and Fusion.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:51.289Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0006.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.7 before ESXi670-201904101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-201903001"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.0.3"
},
{
"status": "affected",
"version": "14.x before 14.1.6"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.0.3"
},
{
"status": "affected",
"version": "10.x before 10.1.6"
}
]
}
],
"datePublic": "2019-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain multiple out-of-bounds read vulnerabilities in the shader translator. Exploitation of these issues requires an attacker to have access to a virtual machine with 3D graphics enabled. Successful exploitation of these issues may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. The workaround for these issues involves disabling the 3D-acceleration feature. This feature is not enabled by default on ESXi and is enabled by default on Workstation and Fusion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Multiple Out-of-bounds read vulnerabilities",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-15T17:20:08",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0006.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2019-5517",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.7 before ESXi670-201904101-SG"
},
{
"version_value": "6.5 before ESXi650-201903001"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.0.3"
},
{
"version_value": "14.x before 14.1.6"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.0.3"
},
{
"version_value": "10.x before 10.1.6"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain multiple out-of-bounds read vulnerabilities in the shader translator. Exploitation of these issues requires an attacker to have access to a virtual machine with 3D graphics enabled. Successful exploitation of these issues may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. The workaround for these issues involves disabling the 3D-acceleration feature. This feature is not enabled by default on ESXi and is enabled by default on Workstation and Fusion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Multiple Out-of-bounds read vulnerabilities"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2019-0006.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0006.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2019-5517",
"datePublished": "2019-04-15T17:20:08",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-08-04T20:01:51.289Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41228 (GCVE-0-2025-41228)
Vulnerability from cvelistv5
Published
2025-05-20 14:24
Modified
2025-06-24 07:14
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | vCenter Server |
Version: 8.0 < 8.0 U3e |
|||||||||||||||||||||
|
||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41228",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T15:33:21.745022Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T15:33:37.635Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "vCenter Server",
"vendor": "VMware",
"versions": [
{
"lessThan": "8.0 U3e",
"status": "affected",
"version": "8.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud Foundation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.5.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Platform",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.x, 3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Infrastructure",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "3.x,2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"lessThan": "ESXi80U3se-24659227",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3sv-24723868",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-05-20T11:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.\u0026nbsp;\u003c/span\u003eA malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites.\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u003cbr\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation.\u00a0A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-24T07:14:21.027Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-41228",
"datePublished": "2025-05-20T14:24:34.436Z",
"dateReserved": "2025-04-16T09:29:46.972Z",
"dateUpdated": "2025-06-24T07:14:21.027Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4941 (GCVE-0-2017-4941)
Vulnerability from cvelistv5
Published
2017-12-20 15:00
Modified
2024-09-16 17:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Stack overflow via authenticated VNC session
Summary
VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:47:43.278Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"
},
{
"name": "1040025",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040025"
},
{
"name": "1040024",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.0 before ESXi600-201711101-SG"
},
{
"status": "affected",
"version": "5.5 ESXi550-201709101-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "12.x before 12.5.8"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "8.x before 8.5.9"
}
]
}
],
"datePublic": "2017-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine\u0027s .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stack overflow via authenticated VNC session",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-21T10:57:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"
},
{
"name": "1040025",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040025"
},
{
"name": "1040024",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040024"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"DATE_PUBLIC": "2017-12-19T00:00:00",
"ID": "CVE-2017-4941",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.0 before ESXi600-201711101-SG"
},
{
"version_value": "5.5 ESXi550-201709101-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "12.x before 12.5.8"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "8.x before 8.5.9"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine\u0027s .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stack overflow via authenticated VNC session"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"
},
{
"name": "1040025",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040025"
},
{
"name": "1040024",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040024"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2017-4941",
"datePublished": "2017-12-20T15:00:00Z",
"dateReserved": "2016-12-26T00:00:00",
"dateUpdated": "2024-09-16T17:58:23.789Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6974 (GCVE-0-2018-6974)
Vulnerability from cvelistv5
Published
2018-10-16 20:00
Modified
2024-09-16 19:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds read vulnerability
Summary
VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:17:17.338Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105660",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105660"
},
{
"name": "1041876",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041876"
},
{
"name": "1041875",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041875"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0026.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.7 before ESXi670-201810101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-201808401-BG"
},
{
"status": "affected",
"version": "6.0 before ESXi600-201808401-BG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "14.x before 14.1.3"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "10.x before 10.1.3"
}
]
}
],
"datePublic": "2018-10-16T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-18T09:57:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"name": "105660",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105660"
},
{
"name": "1041876",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041876"
},
{
"name": "1041875",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041875"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0026.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"DATE_PUBLIC": "2018-10-16T00:00:00",
"ID": "CVE-2018-6974",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.7 before ESXi670-201810101-SG"
},
{
"version_value": "6.5 before ESXi650-201808401-BG"
},
{
"version_value": "6.0 before ESXi600-201808401-BG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "14.x before 14.1.3"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "10.x before 10.1.3"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105660",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105660"
},
{
"name": "1041876",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041876"
},
{
"name": "1041875",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041875"
},
{
"name": "https://www.vmware.com/security/advisories/VMSA-2018-0026.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0026.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2018-6974",
"datePublished": "2018-10-16T20:00:00Z",
"dateReserved": "2018-02-14T00:00:00",
"dateUpdated": "2024-09-16T19:46:18.799Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6972 (GCVE-0-2018-6972)
Vulnerability from cvelistv5
Published
2018-07-25 13:00
Modified
2024-09-16 23:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial-of-service vulnerability
Summary
VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:17:17.362Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "104884",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/104884"
},
{
"name": "1041356",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041356"
},
{
"name": "1041357",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041357"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0018.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.7 before ESXi670-201806401-BG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-201806401-BG"
},
{
"status": "affected",
"version": "6.0 before ESXi600-201806401-BG"
},
{
"status": "affected",
"version": "5.5 before ESXi550-201806401-BG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "14.x before 14.1.2"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "10.x before 10.1.2"
}
]
}
],
"datePublic": "2018-07-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial-of-service vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-07-27T09:57:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"name": "104884",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/104884"
},
{
"name": "1041356",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041356"
},
{
"name": "1041357",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041357"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0018.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"DATE_PUBLIC": "2018-07-19T00:00:00",
"ID": "CVE-2018-6972",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.7 before ESXi670-201806401-BG"
},
{
"version_value": "6.5 before ESXi650-201806401-BG"
},
{
"version_value": "6.0 before ESXi600-201806401-BG"
},
{
"version_value": "5.5 before ESXi550-201806401-BG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "14.x before 14.1.2"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "10.x before 10.1.2"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial-of-service vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "104884",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/104884"
},
{
"name": "1041356",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041356"
},
{
"name": "1041357",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041357"
},
{
"name": "https://www.vmware.com/security/advisories/VMSA-2018-0018.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0018.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2018-6972",
"datePublished": "2018-07-25T13:00:00Z",
"dateReserved": "2018-02-14T00:00:00",
"dateUpdated": "2024-09-16T23:06:29.205Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4924 (GCVE-0-2017-4924)
Vulnerability from cvelistv5
Published
2017-09-15 13:00
Modified
2024-09-17 02:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Out-of-bounds write vulnerability
Summary
VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host.
References
| ► | URL | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:47:43.323Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039365",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039365"
},
{
"name": "100843",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100843"
},
{
"name": "1039366",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039366"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0015.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://0patch.blogspot.com/2017/10/micropatching-hypervisor-with-running.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.5 without patch ESXi650-201707101-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "12.x before 12.5.7"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "8.x before 8.5.8"
}
]
}
],
"datePublic": "2017-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Out-of-bounds write vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-10-09T13:57:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"name": "1039365",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039365"
},
{
"name": "100843",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100843"
},
{
"name": "1039366",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039366"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0015.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://0patch.blogspot.com/2017/10/micropatching-hypervisor-with-running.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"DATE_PUBLIC": "2017-09-14T00:00:00",
"ID": "CVE-2017-4924",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.5 without patch ESXi650-201707101-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "12.x before 12.5.7"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "8.x before 8.5.8"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Out-of-bounds write vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039365",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039365"
},
{
"name": "100843",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100843"
},
{
"name": "1039366",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039366"
},
{
"name": "https://www.vmware.com/security/advisories/VMSA-2017-0015.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0015.html"
},
{
"name": "https://0patch.blogspot.com/2017/10/micropatching-hypervisor-with-running.html",
"refsource": "MISC",
"url": "https://0patch.blogspot.com/2017/10/micropatching-hypervisor-with-running.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2017-4924",
"datePublished": "2017-09-15T13:00:00Z",
"dateReserved": "2016-12-26T00:00:00",
"dateUpdated": "2024-09-17T02:20:43.435Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5516 (GCVE-0-2019-5516)
Vulnerability from cvelistv5
Published
2019-04-15 16:57
Modified
2024-08-04 20:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Vertex shader out-of-bounds read vulnerability
Summary
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds vulnerability with the vertex shader functionality. Exploitation of this issue requires an attacker to have access to a virtual machine with 3D graphics enabled. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. The workaround for this issue involves disabling the 3D-acceleration feature. This feature is not enabled by default on ESXi and is enabled by default on Workstation and Fusion.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:51.993Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0006.html"
},
{
"tags": [
"x_refsource_MISC",
"x_transferred"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0762"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.7 before ESXi670-201904101-SG"
},
{
"status": "affected",
"version": "6.5 before ESXi650-201903001"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x before 15.0.3"
},
{
"status": "affected",
"version": "14.x before 14.1.6"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x before 11.0.3"
},
{
"status": "affected",
"version": "10.x before 10.1.6"
}
]
}
],
"datePublic": "2019-04-11T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds vulnerability with the vertex shader functionality. Exploitation of this issue requires an attacker to have access to a virtual machine with 3D graphics enabled. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. The workaround for this issue involves disabling the 3D-acceleration feature. This feature is not enabled by default on ESXi and is enabled by default on Workstation and Fusion."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Vertex shader out-of-bounds read vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-04-15T19:06:09",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0006.html"
},
{
"tags": [
"x_refsource_MISC"
],
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0762"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2019-5516",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.7 before ESXi670-201904101-SG"
},
{
"version_value": "6.5 before ESXi650-201903001"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x before 15.0.3"
},
{
"version_value": "14.x before 14.1.6"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x before 11.0.3"
},
{
"version_value": "10.x before 10.1.6"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds vulnerability with the vertex shader functionality. Exploitation of this issue requires an attacker to have access to a virtual machine with 3D graphics enabled. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. The workaround for this issue involves disabling the 3D-acceleration feature. This feature is not enabled by default on ESXi and is enabled by default on Workstation and Fusion."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Vertex shader out-of-bounds read vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2019-0006.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0006.html"
},
{
"name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0762",
"refsource": "MISC",
"url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0762"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2019-5516",
"datePublished": "2019-04-15T16:57:27",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-08-04T20:01:51.993Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4903 (GCVE-0-2017-4903)
Vulnerability from cvelistv5
Published
2017-06-07 18:00
Modified
2024-08-05 14:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Uninitialized Stack Memory Usage
Summary
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | ESXi |
Version: 6.5 without patch ESXi650-201703410-SG Version: 6.0 U3 without patch ESXi600-201703401-SG Version: 6.0 U2 without patch ESXi600-201703403-SG Version: 6.0 U1 without patch ESXi600-201703402-SG Version: 5.5 without patch ESXi550-201703401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.551Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97160",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97160"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name": "1038148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name": "1038149",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.5 without patch ESXi650-201703410-SG"
},
{
"status": "affected",
"version": "6.0 U3 without patch ESXi600-201703401-SG"
},
{
"status": "affected",
"version": "6.0 U2 without patch ESXi600-201703403-SG"
},
{
"status": "affected",
"version": "6.0 U1 without patch ESXi600-201703402-SG"
},
{
"status": "affected",
"version": "5.5 without patch ESXi550-201703401-SG"
}
]
},
{
"product": "Workstation Pro / Player",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "12.x prior to 12.5.5"
}
]
},
{
"product": "Fusion Pro / Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "8.x prior to 8.5.6"
}
]
}
],
"datePublic": "2017-03-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Uninitialized Stack Memory Usage",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T09:57:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"name": "97160",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97160"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name": "1038148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name": "1038149",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2017-4903",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.5 without patch ESXi650-201703410-SG"
},
{
"version_value": "6.0 U3 without patch ESXi600-201703401-SG"
},
{
"version_value": "6.0 U2 without patch ESXi600-201703403-SG"
},
{
"version_value": "6.0 U1 without patch ESXi600-201703402-SG"
},
{
"version_value": "5.5 without patch ESXi550-201703401-SG"
}
]
}
},
{
"product_name": "Workstation Pro / Player",
"version": {
"version_data": [
{
"version_value": "12.x prior to 12.5.5"
}
]
}
},
{
"product_name": "Fusion Pro / Fusion",
"version": {
"version_data": [
{
"version_value": "8.x prior to 8.5.6"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Uninitialized Stack Memory Usage"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97160",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97160"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name": "1038148",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name": "1038149",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2017-4903",
"datePublished": "2017-06-07T18:00:00",
"dateReserved": "2016-12-26T00:00:00",
"dateUpdated": "2024-08-05T14:39:41.551Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4925 (GCVE-0-2017-4925)
Vulnerability from cvelistv5
Published
2017-09-15 13:00
Modified
2024-09-17 03:03
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- NULL pointer dereference vulnerability
Summary
VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:47:43.383Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "1039368",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039368"
},
{
"name": "100842",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/100842"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0015.html"
},
{
"name": "1039367",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1039367"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.5 without patch ESXi650-201707101-SG"
},
{
"status": "affected",
"version": "6.0 without patch ESXi600-201706101-SG"
},
{
"status": "affected",
"version": "5.5 without patch ESXi550-201709101-SG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "12.x before 12.5.3"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "8.x before 8.5.4"
}
]
}
],
"datePublic": "2017-09-14T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "NULL pointer dereference vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-09-16T09:57:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"name": "1039368",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039368"
},
{
"name": "100842",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/100842"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0015.html"
},
{
"name": "1039367",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1039367"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"DATE_PUBLIC": "2017-09-14T00:00:00",
"ID": "CVE-2017-4925",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.5 without patch ESXi650-201707101-SG"
},
{
"version_value": "6.0 without patch ESXi600-201706101-SG"
},
{
"version_value": "5.5 without patch ESXi550-201709101-SG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "12.x before 12.5.3"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "8.x before 8.5.4"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "NULL pointer dereference vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "1039368",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039368"
},
{
"name": "100842",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/100842"
},
{
"name": "https://www.vmware.com/security/advisories/VMSA-2017-0015.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0015.html"
},
{
"name": "1039367",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1039367"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2017-4925",
"datePublished": "2017-09-15T13:00:00Z",
"dateReserved": "2016-12-26T00:00:00",
"dateUpdated": "2024-09-17T03:03:34.620Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4904 (GCVE-0-2017-4904)
Vulnerability from cvelistv5
Published
2017-06-07 18:00
Modified
2024-08-05 14:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Remote Code Execution / DoS
Summary
The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | ESXi |
Version: 6.5 without patch ESXi650-201703410-SG Version: 6.0 U3 without patch ESXi600-201703401-SG Version: 6.0 U2 without patch ESXi600-201703403-SG Version: 6.0 U1 without patch ESXi600-201703402-SG Version: 5.5 without patch ESXi550-201703401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.527Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97165",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97165"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name": "1038148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name": "1038149",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.5 without patch ESXi650-201703410-SG"
},
{
"status": "affected",
"version": "6.0 U3 without patch ESXi600-201703401-SG"
},
{
"status": "affected",
"version": "6.0 U2 without patch ESXi600-201703403-SG"
},
{
"status": "affected",
"version": "6.0 U1 without patch ESXi600-201703402-SG"
},
{
"status": "affected",
"version": "5.5 without patch ESXi550-201703401-SG"
}
]
},
{
"product": "Workstation Pro / Player",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "12.x prior to 12.5.5"
}
]
},
{
"product": "Fusion Pro / Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "8.x prior to 8.5.6"
}
]
}
],
"datePublic": "2017-03-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Remote Code Execution / DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T09:57:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"name": "97165",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97165"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name": "1038148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name": "1038149",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2017-4904",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.5 without patch ESXi650-201703410-SG"
},
{
"version_value": "6.0 U3 without patch ESXi600-201703401-SG"
},
{
"version_value": "6.0 U2 without patch ESXi600-201703403-SG"
},
{
"version_value": "6.0 U1 without patch ESXi600-201703402-SG"
},
{
"version_value": "5.5 without patch ESXi550-201703401-SG"
}
]
}
},
{
"product_name": "Workstation Pro / Player",
"version": {
"version_data": [
{
"version_value": "12.x prior to 12.5.5"
}
]
}
},
{
"product_name": "Fusion Pro / Fusion",
"version": {
"version_data": [
{
"version_value": "8.x prior to 8.5.6"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Remote Code Execution / DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97165",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97165"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name": "1038148",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name": "1038149",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2017-4904",
"datePublished": "2017-06-07T18:00:00",
"dateReserved": "2016-12-26T00:00:00",
"dateUpdated": "2024-08-05T14:39:41.527Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4902 (GCVE-0-2017-4902)
Vulnerability from cvelistv5
Published
2017-06-07 18:00
Modified
2024-08-05 14:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap Buffer Overflow
Summary
VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | ESXi |
Version: 6.5 without patch ESXi650-201703410-SG Version: 5.5 without patch ESXi550-201703401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.428Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name": "1038148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name": "97163",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97163"
},
{
"name": "1038149",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.5 without patch ESXi650-201703410-SG"
},
{
"status": "affected",
"version": "5.5 without patch ESXi550-201703401-SG"
}
]
},
{
"product": "Workstation Pro / Player",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "12.x prior to 12.5.5"
}
]
},
{
"product": "Fusion Pro / Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "8.x prior to 8.5.6"
}
]
}
],
"datePublic": "2017-03-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap Buffer Overflow",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T09:57:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name": "1038148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name": "97163",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97163"
},
{
"name": "1038149",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2017-4902",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.5 without patch ESXi650-201703410-SG"
},
{
"version_value": "5.5 without patch ESXi550-201703401-SG"
}
]
}
},
{
"product_name": "Workstation Pro / Player",
"version": {
"version_data": [
{
"version_value": "12.x prior to 12.5.5"
}
]
}
},
{
"product_name": "Fusion Pro / Fusion",
"version": {
"version_data": [
{
"version_value": "8.x prior to 8.5.6"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap Buffer Overflow"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name": "1038148",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name": "97163",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97163"
},
{
"name": "1038149",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2017-4902",
"datePublished": "2017-06-07T18:00:00",
"dateReserved": "2016-12-26T00:00:00",
"dateUpdated": "2024-08-05T14:39:41.428Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41237 (GCVE-0-2025-41237)
Vulnerability from cvelistv5
Published
2025-07-15 18:34
Modified
2025-07-16 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-787 - Out-of-bounds Write
Summary
VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
References
Impacted products
| Vendor | Product | Version | ||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | Cloud Foundation |
Version: 9.0.0.0, 5.x, 4.5.x |
|||||||||||||||||||||||||||||||
|
||||||||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41237",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-07-08T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-07-16T03:55:59.690Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Cloud Foundation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "9.0.0.0, 5.x, 4.5.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "vSphere Foundation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "9.0.0.0"
}
]
},
{
"defaultStatus": "unaffected",
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"lessThan": "ESXi80U3f-24784735",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi80U2e-24789317",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3w-24784741",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "17.6.4",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"lessThan": "13.6.4",
"status": "affected",
"version": "13.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Platform",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.x, 3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Infrastructure",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "3.x, 2.x"
}
]
}
],
"datePublic": "2025-07-15T03:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eVMware ESXi,\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;Workstation, and Fusion\u003c/span\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003e\u0026nbsp;contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.\u003c/span\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi,\u00a0Workstation, and Fusion\u00a0contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write.\u00a0A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine\u0027s VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 9.3,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-787",
"description": "CWE-787 Out-of-bounds Write",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-07-15T18:34:21.083Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/35877"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "VMCI integer-underflow vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-41237",
"datePublished": "2025-07-15T18:34:21.083Z",
"dateReserved": "2025-04-16T09:30:17.798Z",
"dateUpdated": "2025-07-16T03:55:59.690Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2018-6977 (GCVE-0-2018-6977)
Vulnerability from cvelistv5
Published
2018-10-09 20:00
Modified
2024-09-16 20:26
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Denial-of-service vulnerability
Summary
VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T06:17:17.351Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "105549",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/105549"
},
{
"name": "1041821",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041821"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0025.html"
},
{
"name": "1041822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1041822"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.7, 6.5, 6.0"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "15.x and 14.x"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "11.x and 10.x"
}
]
}
],
"datePublic": "2018-10-09T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Denial-of-service vulnerability",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2018-10-12T09:57:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"name": "105549",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/105549"
},
{
"name": "1041821",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041821"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0025.html"
},
{
"name": "1041822",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1041822"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"DATE_PUBLIC": "2018-10-09T00:00:00",
"ID": "CVE-2018-6977",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.7, 6.5, 6.0"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "15.x and 14.x"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "11.x and 10.x"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Denial-of-service vulnerability"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "105549",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/105549"
},
{
"name": "1041821",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041821"
},
{
"name": "https://www.vmware.com/security/advisories/VMSA-2018-0025.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2018-0025.html"
},
{
"name": "1041822",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1041822"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2018-6977",
"datePublished": "2018-10-09T20:00:00Z",
"dateReserved": "2018-02-14T00:00:00",
"dateUpdated": "2024-09-16T20:26:19.691Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4905 (GCVE-0-2017-4905)
Vulnerability from cvelistv5
Published
2017-06-07 18:00
Modified
2024-08-05 14:39
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Information leak
Summary
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak.
References
| ► | URL | Tags | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||
Impacted products
| Vendor | Product | Version | ||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | ESXi |
Version: 6.5 without patch ESXi650-201703410-SG Version: 6.0 U3 without patch ESXi600-201703401-SG Version: 6.0 U2 without patch ESXi600-201703403-SG Version: 6.0 U1 without patch ESXi600-201703402-SG Version: 5.5 without patch ESXi550-201703401-SG |
|||||||||||
|
||||||||||||||
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:39:41.549Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "97164",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/97164"
},
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name": "1038148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name": "1038149",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1038149"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.5 without patch ESXi650-201703410-SG"
},
{
"status": "affected",
"version": "6.0 U3 without patch ESXi600-201703401-SG"
},
{
"status": "affected",
"version": "6.0 U2 without patch ESXi600-201703403-SG"
},
{
"status": "affected",
"version": "6.0 U1 without patch ESXi600-201703402-SG"
},
{
"status": "affected",
"version": "5.5 without patch ESXi550-201703401-SG"
}
]
},
{
"product": "Workstation Pro / Player",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "12.x prior to 12.5.5"
}
]
},
{
"product": "Fusion Pro / Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "8.x prior to 8.5.6"
}
]
}
],
"datePublic": "2017-03-28T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Information leak",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-07-11T09:57:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"name": "97164",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/97164"
},
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name": "1038148",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name": "1038149",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1038149"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2017-4905",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.5 without patch ESXi650-201703410-SG"
},
{
"version_value": "6.0 U3 without patch ESXi600-201703401-SG"
},
{
"version_value": "6.0 U2 without patch ESXi600-201703403-SG"
},
{
"version_value": "6.0 U1 without patch ESXi600-201703402-SG"
},
{
"version_value": "5.5 without patch ESXi550-201703401-SG"
}
]
}
},
{
"product_name": "Workstation Pro / Player",
"version": {
"version_data": [
{
"version_value": "12.x prior to 12.5.5"
}
]
}
},
{
"product_name": "Fusion Pro / Fusion",
"version": {
"version_data": [
{
"version_value": "8.x prior to 8.5.6"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Information leak"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "97164",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/97164"
},
{
"name": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html",
"refsource": "CONFIRM",
"url": "http://www.vmware.com/security/advisories/VMSA-2017-0006.html"
},
{
"name": "1038148",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038148"
},
{
"name": "1038149",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1038149"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2017-4905",
"datePublished": "2017-06-07T18:00:00",
"dateReserved": "2016-12-26T00:00:00",
"dateUpdated": "2024-08-05T14:39:41.549Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-41227 (GCVE-0-2025-41227)
Vulnerability from cvelistv5
Published
2025-05-20 14:24
Modified
2025-06-24 07:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-400 - Uncontrolled Resource Consumption
Summary
VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.
References
Impacted products
| Vendor | Product | Version | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
| ► | VMware | ESXi |
Version: 8.0 < ESXi80U3se-24659227 Version: 7.0 < ESXi70U3sv-24723868 |
||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-41227",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-05-20T15:59:41.340433Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-05-20T16:00:12.860Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"lessThan": "ESXi80U3se-24659227",
"status": "affected",
"version": "8.0",
"versionType": "custom"
},
{
"lessThan": "ESXi70U3sv-24723868",
"status": "affected",
"version": "7.0",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Cloud Foundation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.5.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Platform",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "5.x, 4.x, 3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Telco Cloud Infrastructure",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "3.x, 2.x"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"lessThan": "17.6.3",
"status": "affected",
"version": "17.x",
"versionType": "custom"
}
]
},
{
"defaultStatus": "unaffected",
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"lessThan": "13.6.3",
"status": "affected",
"version": "13.x",
"versionType": "custom"
}
]
}
],
"datePublic": "2025-05-20T11:30:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "VMware ESXi,\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eWorkstation, and Fusion contain a denial-of-service vulnerability due to certain guest options.\u0026nbsp;\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eA malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition.\u003c/span\u003e\u003cbr\u003e\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "VMware ESXi,\u00a0Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options.\u00a0A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-400",
"description": "CWE-400 Uncontrolled Resource Consumption",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-06-24T07:13:30.222Z",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"url": "https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/25717"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Denial-of-Service Vulnerability",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2025-41227",
"datePublished": "2025-05-20T14:24:29.316Z",
"dateReserved": "2025-04-16T09:29:46.972Z",
"dateUpdated": "2025-06-24T07:13:30.222Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2017-4933 (GCVE-0-2017-4933)
Vulnerability from cvelistv5
Published
2017-12-20 15:00
Modified
2024-09-16 23:51
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Heap overflow via authenticated VNC session
Summary
VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall.
References
| ► | URL | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-05T14:47:43.676Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"
},
{
"name": "1040025",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040025"
},
{
"name": "1040024",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK",
"x_transferred"
],
"url": "http://www.securitytracker.com/id/1040024"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "6.5 before ESXi650-201710401-BG"
}
]
},
{
"product": "Workstation",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "12.x before 12.5.8"
}
]
},
{
"product": "Fusion",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "8.x before 8.5.9"
}
]
}
],
"datePublic": "2017-12-19T00:00:00",
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine\u0027s .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Heap overflow via authenticated VNC session",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2017-12-21T10:57:01",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"
},
{
"name": "1040025",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040025"
},
{
"name": "1040024",
"tags": [
"vdb-entry",
"x_refsource_SECTRACK"
],
"url": "http://www.securitytracker.com/id/1040024"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"DATE_PUBLIC": "2017-12-19T00:00:00",
"ID": "CVE-2017-4933",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "6.5 before ESXi650-201710401-BG"
}
]
}
},
{
"product_name": "Workstation",
"version": {
"version_data": [
{
"version_value": "12.x before 12.5.8"
}
]
}
},
{
"product_name": "Fusion",
"version": {
"version_data": [
{
"version_value": "8.x before 8.5.9"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine\u0027s .vmx configuration file. In addition, ESXi must be configured to allow VNC traffic through the built-in firewall."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Heap overflow via authenticated VNC session"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2017-0021.html"
},
{
"name": "1040025",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040025"
},
{
"name": "1040024",
"refsource": "SECTRACK",
"url": "http://www.securitytracker.com/id/1040024"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2017-4933",
"datePublished": "2017-12-20T15:00:00Z",
"dateReserved": "2016-12-26T00:00:00",
"dateUpdated": "2024-09-16T23:51:11.761Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2020-3955 (GCVE-0-2020-3955)
Vulnerability from cvelistv5
Published
2020-04-29 02:14
Modified
2024-08-04 07:52
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Stored Cross-Site-Scripting (XSS)
Summary
ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.3.
References
| ► | URL | Tags | |||
|---|---|---|---|---|---|
|
|||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T07:52:20.472Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0008.html"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "ESXi 6.5 without patch ESXi650-201912104-SG"
},
{
"status": "affected",
"version": "ESXi 6.7 without patch ESXi670-202004103-SG"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.3."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Stored Cross-Site-Scripting (XSS)",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2020-04-29T02:14:06",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0008.html"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2020-3955",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "ESXi 6.5 without patch ESXi650-201912104-SG"
},
{
"version_value": "ESXi 6.7 without patch ESXi670-202004103-SG"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.3."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Stored Cross-Site-Scripting (XSS)"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2020-0008.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2020-0008.html"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2020-3955",
"datePublished": "2020-04-29T02:14:06",
"dateReserved": "2019-12-30T00:00:00",
"dateUpdated": "2024-08-04T07:52:20.472Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2019-5528 (GCVE-0-2019-5528)
Vulnerability from cvelistv5
Published
2019-07-11 20:15
Modified
2024-08-04 20:01
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- Partial DoS
Summary
VMware ESXi 6.5 suffers from partial denial of service vulnerability in hostd process. Patch ESXi650-201907201-UG for this issue is available.
References
| ► | URL | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
Impacted products
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-04T20:01:51.756Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM",
"x_transferred"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0011.html"
},
{
"name": "109130",
"tags": [
"vdb-entry",
"x_refsource_BID",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/109130"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "ESXi",
"vendor": "VMware",
"versions": [
{
"status": "affected",
"version": "ESXi 6.5 without patch ESXi650-201907201-UG"
}
]
}
],
"descriptions": [
{
"lang": "en",
"value": "VMware ESXi 6.5 suffers from partial denial of service vulnerability in hostd process. Patch ESXi650-201907201-UG for this issue is available."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "Partial DoS",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2019-07-12T12:06:04",
"orgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"shortName": "vmware"
},
"references": [
{
"tags": [
"x_refsource_CONFIRM"
],
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0011.html"
},
{
"name": "109130",
"tags": [
"vdb-entry",
"x_refsource_BID"
],
"url": "http://www.securityfocus.com/bid/109130"
}
],
"x_legacyV4Record": {
"CVE_data_meta": {
"ASSIGNER": "security@vmware.com",
"ID": "CVE-2019-5528",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "ESXi",
"version": {
"version_data": [
{
"version_value": "ESXi 6.5 without patch ESXi650-201907201-UG"
}
]
}
}
]
},
"vendor_name": "VMware"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "VMware ESXi 6.5 suffers from partial denial of service vulnerability in hostd process. Patch ESXi650-201907201-UG for this issue is available."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Partial DoS"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "https://www.vmware.com/security/advisories/VMSA-2019-0011.html",
"refsource": "CONFIRM",
"url": "https://www.vmware.com/security/advisories/VMSA-2019-0011.html"
},
{
"name": "109130",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/109130"
}
]
}
}
}
},
"cveMetadata": {
"assignerOrgId": "dcf2e128-44bd-42ed-91e8-88f912c1401d",
"assignerShortName": "vmware",
"cveId": "CVE-2019-5528",
"datePublished": "2019-07-11T20:15:02",
"dateReserved": "2019-01-07T00:00:00",
"dateUpdated": "2024-08-04T20:01:51.756Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}