CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2021-22043
https://notcve.org/view.php?id=CVE-2021-22043
16 Feb 2022 — VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way temporary files are handled. A malicious actor with access to settingsd, may exploit this issue to escalate their privileges by writing arbitrary files. VMware ESXi contiene una vulnerabilidad TOCTOU (Time-of-check Time-of-use) que se presenta en la forma de manejar los archivos temporales. Un actor malicioso con acceso a settingsd, puede explotar este problema para escalar sus privilegios al escribir archivos arb... • https://www.vmware.com/security/advisories/VMSA-2022-0004.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 6.7EPSS: 0%CPEs: 171EXPL: 0CVE-2021-22041
https://notcve.org/view.php?id=CVE-2021-22041
16 Feb 2022 — VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. VMware ESXi, Workstation y Fusion contienen una vulnerabilidad de doble búsqueda en el controlador USB UHCI. Un actor malicioso con privilegios administrativos locales en una máquina virtual puede aprovechar este problema para ejecutar c... • https://www.vmware.com/security/advisories/VMSA-2022-0004.html •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2021-22042
https://notcve.org/view.php?id=CVE-2021-22042
16 Feb 2022 — VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user. VMware ESXi contiene una vulnerabilidad de acceso no autorizado debido a que VMX presenta acceso a los tickets de autorización de settingsd. Un actor malicioso con privilegios sólo dentro del proceso VMX, puede ser capaz de acceder al servicio settingsd q... • https://www.vmware.com/security/advisories/VMSA-2022-0004.html • CWE-863: Incorrect Authorization •
CVSS: 6.7EPSS: 0%CPEs: 173EXPL: 0CVE-2021-22040
https://notcve.org/view.php?id=CVE-2021-22040
16 Feb 2022 — VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. VMware ESXi, Workstation y Fusion contienen una vulnerabilidad de uso de memoria previamente liberada en el controlador USB XHCI. Un actor malicioso con privilegios administrativos locales en una máquina virtual puede aprovechar este p... • https://www.vmware.com/security/advisories/VMSA-2022-0004.html • CWE-416: Use After Free •
CVSS: 7.8EPSS: 4%CPEs: 218EXPL: 0CVE-2021-22045 – VMware Workstation SCSI Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2021-22045
04 Jan 2022 — VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine. VMware ESXi (versiones 7.0, 6.7 anteriores a ESXi670-202111101-SG y 6.5 anteriores a ESXi... • http://packetstormsecurity.com/files/165440/VMware-Security-Advisory-2022-0001.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 238EXPL: 0CVE-2021-21995
https://notcve.org/view.php?id=CVE-2021-21995
13 Jul 2021 — OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition. OpenSLP, tal como se utiliza en ESXi, presenta una vulnerabilidad de denegación de servicio debido a un problema de lectura fuera de límites de la pila. Un actor malicioso con acceso de red al puerto 427 en ESXi puede ser capaz de desencadenar... • https://www.vmware.com/security/advisories/VMSA-2021-0014.html • CWE-125: Out-of-bounds Read •
CVSS: 9.8EPSS: 0%CPEs: 238EXPL: 0CVE-2021-21994
https://notcve.org/view.php?id=CVE-2021-21994
13 Jul 2021 — SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request. SFCB (Small Footprint CIM Broker), tal y como se utiliza en ESXi, presenta una vulnerabilidad en la omisión de la autenticación. Un actor malicioso con acceso de red al puerto 5989 en ESXi puede explotar este problema para omitir la autenticación de SFCB al enviar u... • https://www.vmware.com/security/advisories/VMSA-2021-0014.html • CWE-287: Improper Authentication •
CVSS: 8.8EPSS: 58%CPEs: 233EXPL: 7CVE-2021-21974 – VMware ESXi SLP Heap-based Buffer Overflow Remote Code Execution Vulnerability
https://notcve.org/view.php?id=CVE-2021-21974
24 Feb 2021 — OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue in OpenSLP service resulting in remote code execution. OpenSLP como es usado en ESXi (versiones 7.0 anteriores a ESXi70U1c-17325551, versiones 6.7 anteriores a ESXi670-202102401-SG, versiones 6.5 anteriores a ESXi6... • https://packetstorm.news/files/id/162957 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 0%CPEs: 4EXPL: 0CVE-2020-3999 – VMware Workstation SetGuestInfo Null Pointer Dereference Denial-of-Service Vulnerability
https://notcve.org/view.php?id=CVE-2020-3999
18 Dec 2020 — VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine's vmx process leading to a denial of service condition. VMware ESXi (versiones 7.0 anteriores a ESXi70U1c-17325551), VM... • https://www.vmware.com/security/advisories/VMSA-2020-0029.html • CWE-20: Improper Input Validation •
CVSS: 8.2EPSS: 0%CPEs: 184EXPL: 0CVE-2020-4004
https://notcve.org/view.php?id=CVE-2020-4004
20 Nov 2020 — VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. VMware ESXi (versiones 7.0 anteriores a ESXi70U1b-17168206, versiones 6.7 anteriores a ESXi670-2020... • https://www.vmware.com/security/advisories/VMSA-2020-0026.html • CWE-416: Use After Free •