VMware

ESXi

123 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.1

CVE-2025-41239

  • EPSS 0.02%
  • Veröffentlicht 15.07.2025 18:35:03
  • Zuletzt bearbeitet 15.07.2025 20:07:28

VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to ex...

9.3

CVE-2025-41238

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 15.07.2025 18:34:48
  • Zuletzt bearbeitet 15.07.2025 20:07:28

VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit t...

9.3

CVE-2025-41237

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 15.07.2025 18:34:21
  • Zuletzt bearbeitet 15.07.2025 20:07:28

VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this iss...

9.3

CVE-2025-41236

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 15.07.2025 18:34:12
  • Zuletzt bearbeitet 15.07.2025 20:07:28

VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this i...

4.3

CVE-2025-41228

Medienbericht
  • EPSS 4.25%
  • Veröffentlicht 20.05.2025 14:24:34
  • Zuletzt bearbeitet 21.05.2025 20:25:16

VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to...

5.5

CVE-2025-41227

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 20.05.2025 14:24:29
  • Zuletzt bearbeitet 21.05.2025 20:25:16

VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory o...

6.8

CVE-2025-41226

Medienbericht
  • EPSS 0.07%
  • Veröffentlicht 20.05.2025 14:24:24
  • Zuletzt bearbeitet 21.05.2025 20:25:16

VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to cre...

8.2

CVE-2025-22224

Warnung Medienbericht
  • EPSS 52.41%
  • Veröffentlicht 04.03.2025 12:15:33
  • Zuletzt bearbeitet 05.03.2025 02:00:02

VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the vi...

8.2

CVE-2025-22225

Warnung
  • EPSS 5.25%
  • Veröffentlicht 04.03.2025 12:15:33
  • Zuletzt bearbeitet 10.04.2025 19:19:49

VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox.

6

CVE-2025-22226

Warnung
  • EPSS 3.69%
  • Veröffentlicht 04.03.2025 12:15:33
  • Zuletzt bearbeitet 05.03.2025 02:00:02

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the...