Your submission was sent successfully! Close

Thank you for contacting us. A member of our team will be in touch shortly. Close

You have successfully unsubscribed! Close

Thank you for signing up for our newsletter!
In these regular emails you will find the latest updates about Ubuntu and upcoming events where you can meet our team.Close

Search CVE reports


Toggle filters

1 – 10 of 11 results


CVE-2023-34057

Medium priority
Not affected

VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine.

1 affected packages

open-vm-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
open-vm-tools Not affected Not affected Not affected Not affected
Show less packages

CVE-2023-34059

Medium priority

Some fixes available 6 of 7

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.

1 affected packages

open-vm-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
open-vm-tools Not affected Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-34058

Medium priority

Some fixes available 6 of 7

VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation...

1 affected packages

open-vm-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
open-vm-tools Not affected Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-20900

Medium priority
Fixed

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...

1 affected packages

open-vm-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
open-vm-tools Fixed Fixed Fixed Fixed
Show less packages

CVE-2023-20867

Low priority

Some fixes available 5 of 6

A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.

1 affected packages

open-vm-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
open-vm-tools Fixed Fixed Fixed Fixed
Show less packages

CVE-2009-1143

Negligible priority
Ignored

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs (aka hgfsmounter).

1 affected packages

open-vm-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
open-vm-tools Not affected Ignored Ignored Ignored
Show less packages

CVE-2009-1142

Medium priority
Not affected

An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled.

1 affected packages

open-vm-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
open-vm-tools Not affected Not affected Not affected Not affected
Show less packages

CVE-2022-31676

Medium priority
Fixed

VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.

1 affected packages

open-vm-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
open-vm-tools Fixed Fixed Fixed Fixed
Show less packages

CVE-2015-5191

Low priority

Some fixes available 1 of 2

VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege...

1 affected packages

open-vm-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
open-vm-tools Not affected Not affected Not affected Fixed
Show less packages

CVE-2014-4199

Low priority
Vulnerable

vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp.

1 affected packages

open-vm-tools

Package 24.04 LTS 22.04 LTS 20.04 LTS 18.04 LTS 16.04 LTS
open-vm-tools Not affected Not affected Not affected Not affected Not affected
Show less packages