Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Esxi
(Vmware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 138 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2024-03-05 | CVE-2024-22253 | VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed. | Cloud_foundation, Esxi, Fusion, Workstation | 6.7 | ||
| 2024-03-05 | CVE-2024-22254 | VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox. | Cloud_foundation, Esxi | 8.2 | ||
| 2024-03-05 | CVE-2024-22255 | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process. | Cloud_foundation, Esxi, Fusion, Workstation | N/A | ||
| 2022-06-15 | CVE-2022-21123 | Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | Debian_linux, Fedora, Sgx_dcap, Sgx_psw, Sgx_sdk, Esxi, Xen | 5.5 | ||
| 2022-06-15 | CVE-2022-21125 | Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | Debian_linux, Fedora, Sgx_dcap, Sgx_psw, Sgx_sdk, Esxi, Xen | 5.5 | ||
| 2022-06-15 | CVE-2022-21166 | Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | Debian_linux, Fedora, Sgx_dcap, Sgx_psw, Sgx_sdk, Esxi, Xen | 5.5 | ||
| 2025-03-04 | CVE-2025-22225 | VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox. | Cloud_foundation, Esxi, Telco_cloud_infrastructure, Telco_cloud_platform | N/A |