Syntax: kev:true severity:critical epss:>0.95 vendor:cisco patch:false
Filters
Severity
Exploitation
Data Source
Data Quality
Vendor
CWE — Weakness Type
Clear all
Top 20 matches Showing top matches — use filters or a more specific query to narrow
VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control. A malicious actor with non-administrative privileges on a guest VM may gain ability to perform
VMware Tools for Windows contains an improper authorisation vulnerability due to the way it handles user access controls. A malicious actor with non-administrative privileges on a guest VM, who is alr
VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within
An improper access control vulnerability allows low-privileged users to execute code with Administrator privileges remotely.
Out-of-bound write vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to terminate certain Workstation processes.
VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vC
Out-of-bound read vulnerability in VMware Workstation 25H1 and below on any platform allows an actor with non-administrative privileges on a guest VM to obtain limited information disclosure from the
Authentication bypass using an alternate path or channel in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
Improper access control in Windows Ancillary Function Driver for WinSock allows an authorized attacker to elevate privileges locally.
A vulnerability in Cisco Catalyst Center Virtual Appliance could allow an authenticated, remote attacker to elevate privileges to Administrator on an affected system. This vulnerability is due to i
A flaw was found in kubevirt. A user within a virtual machine (VM), if the guest agent is active, can exploit this by causing the agent to report an excessive number of network interfaces. This action
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the appliance running VMware
CVE-2025-41244
HIGH CVSS 7.8 KEV
Find Similar
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed
VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be
Improper access control in Azure Windows Virtual Machine Agent allows an authorized attacker to elevate privileges locally.
An authorization bypass vulnerability exists in the Mavenir SCE Application Provisioning Portal, version PORTAL-LBS-R_1_0_24_0, which allows an authenticated 'guest' user to perform unauthorized admin
VMWare Workstation and Fusion contain a logic flaw in the management of network packets.  Known attack vectors: A malicious actor with administrative privileges on a Guest VM may be able to interrupt
Page 1+ Next →