cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2022-22977,https://securityvulnerability.io/vulnerability/CVE-2022-22977,XML External Entity Vulnerability in VMware Tools for Windows,"VMware Tools for Windows has a vulnerability that allows a malicious actor with non-administrative local user privileges to exploit an XML External Entity (XXE) issue. The exploitation could lead to a denial-of-service condition or unintended information disclosure, posing significant risks to system integrity and user data.",Vmware,Vmware Tools For Windows,7.1,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-05-24T18:15:38.000Z,0
CVE-2022-22943,https://securityvulnerability.io/vulnerability/CVE-2022-22943,Uncontrolled Search Path Vulnerability in VMware Tools for Windows,VMware Tools for Windows versions 11.x.y and 10.x.y before 12.0.0 are vulnerable due to an uncontrolled search path issue that could allow a malicious actor with local administrative privileges within the Windows guest operating system to execute arbitrary code with elevated system privileges. This vulnerability poses a significant risk as it may enable attackers to gain unauthorized access and control over critical system functions within the environment where VMware Tools is installed.,Vmware,Vmware Tools For Windows,6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2022-03-03T21:59:08.000Z,0
CVE-2021-21999,https://securityvulnerability.io/vulnerability/CVE-2021-21999,Local Privilege Escalation Vulnerability in VMware Tools and Console,"VMware Tools for Windows, VMware Remote Console for Windows, and VMware App Volumes are susceptible to a local privilege escalation vulnerability. An attacker with standard access to a virtual machine can exploit this issue by placing a specially crafted file named 'openssl.cnf' in an unrestricted directory. This exploitation allows for the execution of malicious code with elevated privileges, posing a significant risk for users if not addressed promptly.",Vmware,"Vmware Tools For Windows, Vmware Remote Console For Windows And Vmware App Volumes",7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-06-23T11:16:41.000Z,0
CVE-2021-21997,https://securityvulnerability.io/vulnerability/CVE-2021-21997,Denial-of-Service Vulnerability in VMware Tools for Windows by VMware,"VMware Tools for Windows contains a vulnerability in the VM3DMP driver that allows a malicious local user to exploit the driver, leading to a denial-of-service condition in the guest operating system. This issue can cause the VM3DMP driver to trigger a crash, resulting in loss of service and requiring a restart of the affected virtual machine. Users are advised to update their VMware Tools to the latest version to mitigate this risk.",Vmware,Vmware Tools For Windows,5.5,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2021-06-18T12:41:17.000Z,0
CVE-2020-3941,https://securityvulnerability.io/vulnerability/CVE-2020-3941,Privilege Escalation Vulnerability in VMware Tools for Windows,"VMware Tools for Windows 10.x.y suffers from a race condition during the repair operation, potentially allowing an attacker to escalate privileges within the Virtual Machine that has this software installed. This risk does not affect VMware Tools 11.x.y, as the problematic functionality is absent in that version. It is essential for users to apply the necessary updates and patches to mitigate this vulnerability and secure their environments.",Vmware,Vmware Tools For Windows (vmware Tools),7,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-01-15T19:03:19.000Z,0
CVE-2019-5522,https://securityvulnerability.io/vulnerability/CVE-2019-5522,Out of Bounds Read Vulnerability in VMware Tools for Windows,"VMware Tools for Windows contains an out of bounds read vulnerability in the vm3dmp driver, affecting Windows guest machines where VMware Tools is installed. This vulnerability is found in versions 10.2.x and 10.3.x prior to 10.3.10. A local attacker with non-administrative access could potentially exploit this flaw to expose sensitive kernel information or disrupt service on the affected Windows guest machine.",Vmware,Vmware Tools For Windows,7.1,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2019-06-06T19:00:03.000Z,0