2019-12-06
|
CVE-2019-5544
|
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
|
Fedora, Openslp, Enterprise_linux_desktop, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_server_eus, Enterprise_linux_server_tus, Enterprise_linux_workstation, Esxi, Horizon_daas
|
9.8
|
|
|
2022-06-15
|
CVE-2022-21123
|
Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
|
Debian_linux, Fedora, Sgx_dcap, Sgx_psw, Sgx_sdk, Esxi, Xen
|
5.5
|
|
|
2022-06-15
|
CVE-2022-21125
|
Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
|
Debian_linux, Fedora, Sgx_dcap, Sgx_psw, Sgx_sdk, Esxi, Xen
|
5.5
|
|
|
2022-06-15
|
CVE-2022-21166
|
Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.
|
Debian_linux, Fedora, Sgx_dcap, Sgx_psw, Sgx_sdk, Esxi, Xen
|
5.5
|
|
|
2022-07-12
|
CVE-2022-29901
|
Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve arbitrary speculative code execution under certain microarchitecture-dependent conditions.
|
Debian_linux, Fedora, Core_i3\-6100_firmware, Core_i3\-6100e_firmware, Core_i3\-6100h_firmware, Core_i3\-6100t_firmware, Core_i3\-6100te_firmware, Core_i3\-6100u_firmware, Core_i3\-6102e_firmware, Core_i3\-6110u_firmware, Core_i3\-6120_firmware, Core_i3\-6120t_firmware, Core_i3\-6167u_firmware, Core_i3\-6300_firmware, Core_i3\-6300t_firmware, Core_i3\-6320_firmware, Core_i3\-6320t_firmware, Core_i3\-8000_firmware, Core_i3\-8000t_firmware, Core_i3\-8020_firmware, Core_i3\-8100_firmware, Core_i3\-8100h_firmware, Core_i3\-8100t_firmware, Core_i3\-8109u_firmware, Core_i3\-8120_firmware, Core_i3\-8130u_firmware, Core_i3\-8145u_firmware, Core_i3\-8300_firmware, Core_i3\-8300t_firmware, Core_i3\-8350k_firmware, Core_i5\-6200u_firmware, Core_i5\-6210u_firmware, Core_i5\-6260u_firmware, Core_i5\-6267u_firmware, Core_i5\-6287u_firmware, Core_i5\-6300hq_firmware, Core_i5\-6300u_firmware, Core_i5\-6310u_firmware, Core_i5\-6350hq_firmware, Core_i5\-6360u_firmware, Core_i5\-6400_firmware, Core_i5\-6400t_firmware, Core_i5\-6440eq_firmware, Core_i5\-6440hq_firmware, Core_i5\-6442eq_firmware, Core_i5\-6500_firmware, Core_i5\-6500t_firmware, Core_i5\-6500te_firmware, Core_i5\-6600_firmware, Core_i5\-6600k_firmware, Core_i5\-6600t_firmware, Core_i5\-8200y_firmware, Core_i5\-8210y_firmware, Core_i5\-8250u_firmware, Core_i5\-8259u_firmware, Core_i5\-8265u_firmware, Core_i5\-8269u_firmware, Core_i5\-8300h_firmware, Core_i5\-8305g_firmware, Core_i5\-8310y_firmware, Core_i5\-8350u_firmware, Core_i5\-8365u_firmware, Core_i5\-8400_firmware, Core_i5\-8400b_firmware, Core_i5\-8400h_firmware, Core_i5\-8400t_firmware, Core_i5\-8420_firmware, Core_i5\-8420t_firmware, Core_i5\-8500_firmware, Core_i5\-8500b_firmware, Core_i5\-8500t_firmware, Core_i5\-8550_firmware, Core_i5\-8550u_firmware, Core_i5\-8600_firmware, Core_i5\-8600k_firmware, Core_i5\-8600t_firmware, Core_i5\-8650_firmware, Core_i5\-8650k_firmware, Core_i7\-6500u_firmware, Core_i7\-6510u_firmware, Core_i7\-6560u_firmware, Core_i7\-6567u_firmware, Core_i7\-6600u_firmware, Core_i7\-6650u_firmware, Core_i7\-6660u_firmware, Core_i7\-6700_firmware, Core_i7\-6700hq_firmware, Core_i7\-6700k_firmware, Core_i7\-6700t_firmware, Core_i7\-6700te_firmware, Core_i7\-6770hq_firmware, Core_i7\-6820eq_firmware, Core_i7\-6820hk_firmware, Core_i7\-6820hq_firmware, Core_i7\-6822eq_firmware, Core_i7\-6870hq_firmware, Core_i7\-6920hq_firmware, Core_i7\-6970hq_firmware, Core_i7\-8500y_firmware, Core_i7\-8510y_firmware, Core_i7\-8550u_firmware, Core_i7\-8557u_firmware, Core_i7\-8559u_firmware, Core_i7\-8560u_firmware, Core_i7\-8565u_firmware, Core_i7\-8569u_firmware, Core_i7\-8650u_firmware, Core_i7\-8665u_firmware, Core_i7\-8670_firmware, Core_i7\-8670t_firmware, Core_i7\-8700_firmware, Core_i7\-8700b_firmware, Core_i7\-8700k_firmware, Core_i7\-8700t_firmware, Core_i7\-8705g_firmware, Core_i7\-8706g_firmware, Core_i7\-8709g_firmware, Core_i7\-8750h_firmware, Core_i7\-8750hf_firmware, Core_i7\-8809g_firmware, Core_i7\-8850h_firmware, Core_i9\-8950hk_firmware, Core_m3\-6y30_firmware, Core_m3\-8100y_firmware, Core_m5\-6y54_firmware, Core_m5\-6y57_firmware, Core_m7\-6y75_firmware, Esxi, Xen
|
6.5
|
|
|
2022-07-14
|
CVE-2022-23825
|
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.
|
A10\-9600p_firmware, A10\-9630p_firmware, A12\-9700p_firmware, A12\-9730p_firmware, A4\-9120_firmware, A6\-9210_firmware, A6\-9220_firmware, A6\-9220c_firmware, A9\-9410_firmware, A9\-9420_firmware, Athlon_gold_3150u_firmware, Athlon_silver_3050u_firmware, Athlon_x4_750_firmware, Athlon_x4_760k_firmware, Athlon_x4_830_firmware, Athlon_x4_835_firmware, Athlon_x4_840_firmware, Athlon_x4_845_firmware, Athlon_x4_860k_firmware, Athlon_x4_870k_firmware, Athlon_x4_880k_firmware, Athlon_x4_940_firmware, Athlon_x4_950_firmware, Athlon_x4_970_firmware, Epyc_7001_firmware, Epyc_7002_firmware, Epyc_7251_firmware, Epyc_7252_firmware, Epyc_7261_firmware, Epyc_7262_firmware, Epyc_7272_firmware, Epyc_7281_firmware, Epyc_7282_firmware, Epyc_7301_firmware, Epyc_7302_firmware, Epyc_7302p_firmware, Epyc_7351_firmware, Epyc_7351p_firmware, Epyc_7352_firmware, Epyc_7371_firmware, Epyc_7401_firmware, Epyc_7401p_firmware, Epyc_7402_firmware, Epyc_7402p_firmware, Epyc_7451_firmware, Epyc_7452_firmware, Epyc_7501_firmware, Epyc_7502_firmware, Epyc_7502p_firmware, Epyc_7532_firmware, Epyc_7542_firmware, Epyc_7551_firmware, Epyc_7551p_firmware, Epyc_7552_firmware, Epyc_7601_firmware, Epyc_7642_firmware, Epyc_7662_firmware, Epyc_7702_firmware, Epyc_7742_firmware, Epyc_7f32_firmware, Epyc_7f52_firmware, Epyc_7f72_firmware, Epyc_7h12_firmware, Ryzen_3_2200u_firmware, Ryzen_3_2300u_firmware, Ryzen_3_3100_firmware, Ryzen_3_3200u_firmware, Ryzen_3_3250u_firmware, Ryzen_3_3300g_firmware, Ryzen_3_3300u_firmware, Ryzen_3_3300x_firmware, Ryzen_3_4300g_firmware, Ryzen_3_4300ge_firmware, Ryzen_3_4300u_firmware, Ryzen_5_2500u_firmware, Ryzen_5_2600_firmware, Ryzen_5_2600h_firmware, Ryzen_5_2600x_firmware, Ryzen_5_2700_firmware, Ryzen_5_2700x_firmware, Ryzen_5_3400g_firmware, Ryzen_5_3450g_firmware, Ryzen_5_3500u_firmware, Ryzen_5_3550h_firmware, Ryzen_5_3600_firmware, Ryzen_5_3600x_firmware, Ryzen_5_3600xt_firmware, Ryzen_5_4500u_firmware, Ryzen_5_4600g_firmware, Ryzen_5_4600ge_firmware, Ryzen_5_4600h_firmware, Ryzen_5_4600u_firmware, Ryzen_7_2700_firmware, Ryzen_7_2700u_firmware, Ryzen_7_2700x_firmware, Ryzen_7_2800h_firmware, Ryzen_7_3700u_firmware, Ryzen_7_3700x_firmware, Ryzen_7_3750h_firmware, Ryzen_7_3800x_firmware, Ryzen_7_3800xt_firmware, Ryzen_7_4700g_firmware, Ryzen_7_4700ge_firmware, Ryzen_7_4700u_firmware, Ryzen_7_4800h_firmware, Ryzen_7_4800u_firmware, Ryzen_9_4900h_firmware, Ryzen_threadripper_2920x_firmware, Ryzen_threadripper_2950x_firmware, Ryzen_threadripper_2970wx_firmware, Ryzen_threadripper_2990wx_firmware, Ryzen_threadripper_3960x_firmware, Ryzen_threadripper_3970x_firmware, Ryzen_threadripper_3990x_firmware, Ryzen_threadripper_pro_3795wx_firmware, Ryzen_threadripper_pro_3945wx_firmware, Ryzen_threadripper_pro_3955wx_firmware, Ryzen_threadripper_pro_3995wx_firmware, Ryzen_threadripper_pro_5945wx_firmware, Ryzen_threadripper_pro_5955wx_firmware, Ryzen_threadripper_pro_5965wx_firmware, Ryzen_threadripper_pro_5975wx_firmware, Ryzen_threadripper_pro_5995wx_firmware, Debian_linux, Fedora, Esxi
|
6.5
|
|
|
2022-12-13
|
CVE-2022-31696
|
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.
|
Cloud_foundation, Esxi
|
8.8
|
|
|
2023-04-25
|
CVE-2023-29552
|
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.
|
Smi\-S_provider, Service_location_protocol, Linux_enterprise_server, Manager_server, Esxi
|
7.5
|
|
|
2011-01-18
|
CVE-2010-4263
|
The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via a VLAN tagged frame.
|
Linux_kernel, Esx, Esxi
|
N/A
|
|
|
2020-06-25
|
CVE-2020-3963
|
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM. A malicious actor with local access to a virtual machine may be able to read privileged information contained in physical memory.
|
Cloud_foundation, Esxi, Fusion, Workstation
|
5.5
|
|
|