VMware

ESXi

123 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
3.3

CVE-2022-31699

  • EPSS 0.33%
  • Veröffentlicht 13.12.2022 16:15:19
  • Zuletzt bearbeitet 22.04.2025 16:15:29

VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.

6.5

CVE-2022-31681

  • EPSS 0.1%
  • Veröffentlicht 07.10.2022 21:15:11
  • Zuletzt bearbeitet 21.11.2024 07:05:07

VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.

6.5

CVE-2022-23825

  • EPSS 0.19%
  • Veröffentlicht 14.07.2022 20:15:08
  • Zuletzt bearbeitet 21.11.2024 06:49:19

Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.

6.5

CVE-2022-29901

  • EPSS 0.08%
  • Veröffentlicht 12.07.2022 19:15:08
  • Zuletzt bearbeitet 21.11.2024 06:59:56

Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. An attacker with unprivileged user access can hijack return instructions to achieve ...

5.5

CVE-2022-21166

  • EPSS 0.19%
  • Veröffentlicht 15.06.2022 21:15:09
  • Zuletzt bearbeitet 05.05.2025 17:17:41

Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5

CVE-2022-21123

  • EPSS 0.18%
  • Veröffentlicht 15.06.2022 20:15:17
  • Zuletzt bearbeitet 05.05.2025 17:17:37

Incomplete cleanup of multi-core shared buffers for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

5.5

CVE-2022-21125

  • EPSS 0.25%
  • Veröffentlicht 15.06.2022 20:15:17
  • Zuletzt bearbeitet 05.05.2025 17:17:37

Incomplete cleanup of microarchitectural fill buffers on some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access.

6.7

CVE-2021-22040

  • EPSS 0.67%
  • Veröffentlicht 16.02.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:29

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX pr...

6.7

CVE-2021-22041

  • EPSS 0.58%
  • Veröffentlicht 16.02.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:29

VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX proc...

7.8

CVE-2021-22042

  • EPSS 0.25%
  • Veröffentlicht 16.02.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:29

VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged...