Filtered by vendor Vmware Subscriptions
Total 901 CVE
CVE Vendors Products Updated CVSS v3.1
CVE-2022-38652 1 Vmware 1 Hyperic Agent 2024-11-21 9.9 Critical
A remote insecure deserialization vulnerability exixsts in VMWare Hyperic Agent 5.8.6. Exploitation of this vulnerability enables a malicious authenticated user to run arbitrary code or malware within a Hyperic Agent instance and its host operating system with the privileges of the Hyperic Agent process (often SYSTEM on Windows platforms). NOTE: prior exploitation of CVE-2022-38650 results in the disclosure of the authentication material required to exploit this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2022-38651 1 Vmware 1 Hyperic Server 2024-11-21 9.8 Critical
A security filter misconfiguration exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to bypass some authentication requirements when issuing requests to Hyperic Server. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2022-38650 1 Vmware 1 Hyperic Server 2024-11-21 10.0 Critical
A remote unauthenticated insecure deserialization vulnerability exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to run arbitrary code or malware within Hyperic Server and the host operating system with the privileges of the Hyperic server process. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
CVE-2022-36797 1 Vmware 1 Ixgben 2024-11-21 3.3 Low
Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.1 may allow an authenticated user to potentially enable denial of service via local access.
CVE-2022-36416 1 Vmware 1 Ixgben 2024-11-21 4.4 Medium
Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.13 may allow an authenticated user to potentially enable escalation of privilege via local access.
CVE-2022-34684 5 Citrix, Linux, Nvidia and 2 more 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more 2024-11-21 5.3 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer (nvidia.ko), where an off-by-one error may lead to data tampering or information disclosure.
CVE-2022-34682 5 Citrix, Linux, Nvidia and 2 more 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more 2024-11-21 5.5 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause a null-pointer dereference, which may lead to denial of service.
CVE-2022-34680 6 Citrix, Debian, Linux and 3 more 13 Hypervisor, Debian Linux, Linux Kernel and 10 more 2024-11-21 5.5 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an integer truncation can lead to an out-of-bounds read, which may lead to denial of service.
CVE-2022-34679 5 Citrix, Linux, Nvidia and 2 more 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more 2024-11-21 5.5 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unhandled return value can lead to a null-pointer dereference, which may lead to denial of service.
CVE-2022-34678 6 Citrix, Linux, Microsoft and 3 more 7 Hypervisor, Linux Kernel, Windows and 4 more 2024-11-21 6.5 Medium
NVIDIA GPU Display Driver for Windows and Linux contains a vulnerability in the kernel mode layer, where an unprivileged user can cause a null-pointer dereference, which may lead to denial of service.
CVE-2022-34677 6 Citrix, Debian, Linux and 3 more 13 Hypervisor, Debian Linux, Linux Kernel and 10 more 2024-11-21 5.5 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause an integer to be truncated, which may lead to denial of service or data tampering.
CVE-2022-34676 5 Citrix, Linux, Nvidia and 2 more 6 Hypervisor, Linux Kernel, Cloud Gaming and 3 more 2024-11-21 7.1 High
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an out-of-bounds read may lead to denial of service, information disclosure, or data tampering.
CVE-2022-34674 6 Citrix, Debian, Linux and 3 more 13 Hypervisor, Debian Linux, Linux Kernel and 10 more 2024-11-21 6.8 Medium
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where a helper function maps more physical pages than were requested, which may lead to undefined behavior or an information leak.
CVE-2022-34670 6 Citrix, Debian, Linux and 3 more 13 Hypervisor, Debian Linux, Linux Kernel and 10 more 2024-11-21 7.8 High
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer handler, where an unprivileged regular user can cause truncation errors when casting a primitive to a primitive of smaller size causes data to be lost in the conversion, which may lead to denial of service or information disclosure.
CVE-2022-31711 1 Vmware 1 Vrealize Log Insight 2024-11-21 5.3 Medium
VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication.
CVE-2022-31710 1 Vmware 1 Vrealize Log Insight 2024-11-21 7.5 High
vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data which could result in a denial of service.
CVE-2022-31708 1 Vmware 1 Vrealize Operations 2024-11-21 4.9 Medium
vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4.
CVE-2022-31707 1 Vmware 1 Vrealize Operations 2024-11-21 7.2 High
vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2.
CVE-2022-31706 1 Vmware 1 Vrealize Log Insight 2024-11-21 9.8 Critical
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.
CVE-2022-31705 2 Apple, Vmware 4 Mac Os X, Esxi, Fusion and 1 more 2024-11-21 8.2 High
VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.