VMware ESXi 6.5 650-202102002

CPE Details

VMware ESXi 6.5 650-202102002
vmware
esxi
6.5
2022-01-26
14h45 +00:00
2022-01-31
16h45 +00:00
CPE NVD
Alerte pour un CPE
Restez informé de toutes modifications pour un CPE spécifique.
Gestion des notifications

CPE Name: cpe:2.3:o:vmware:esxi:6.5:650-202102002:*:*:*:*:*:*

Informations

Vendor

vmware

Product

esxi

Version

6.5

Update

650-202102002

Related CVE

Open and find in CVE List

CVE ID Publié Description Score Gravité
CVE-2023-29552 2023-04-25 00h00 +00:00 The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.
7.5
Haute
CVE-2022-31696 2022-12-12 23h00 +00:00 VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.
8.8
Haute
CVE-2022-31699 2022-12-12 23h00 +00:00 VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.
3.3
Bas
CVE-2022-31681 2022-10-06 22h00 +00:00 VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host.
6.5
Moyen
CVE-2021-22045 2022-01-04 20h39 +00:00 VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be able to exploit this vulnerability in conjunction with other issues to execute code on the hypervisor from a virtual machine.
7.8
Haute
CVE-2021-21995 2021-07-13 16h05 +00:00 OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-service condition.
7.5
Haute
CVE-2021-21994 2021-07-13 16h05 +00:00 SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request.
9.8
Critique
CVE-2018-6977 2018-10-09 20h00 +00:00 VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive.
6.5
Moyen