CVE-2025-22226

MEDIUM Year: 2025
CVSS v3 Score
6.0
Medium
Weakness Type
CWE-125
View all →

Vulnerability Description

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.

Related Vulnerabilities

CVE-2016-5107

MEDIUM
CVSS:6.0(Medium)

The megasas_lookup_frame function in QEMU, when built with MegaRAID SAS 8708EM2 Host Bus Adapter emulation support, allows local guest OS administrators to cause a denial of service (out-of-bounds rea...

CWE-1252016

CVE-2018-5683

MEDIUM
CVSS:6.0(Medium)

The vga_draw_text function in Qemu allows local OS guest privileged users to cause a denial of service (out-of-bounds read and QEMU process crash) by leveraging improper memory address validation.

CWE-1252018

CVE-2019-19927

MEDIUM
CVSS:6.0(Medium)

In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.git on kernel.ubuntu.com), mounting a crafted f2fs filesystem image and performing some operations can lead to slab-out-of-bounds read acc...

CWE-1252019

CVE-2020-11293

MEDIUM
CVSS:6.0(Medium)

Out of bound read can happen in Widevine TA while copying data to buffer from user data due to lack of check of buffer length received in Snapdragon Auto, Snapdragon Compute, Snapdragon Connectivity, ...

CWE-1252020

CVE-2020-2741

MEDIUM
CVSS:6.0(Medium)

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.40, prior to 6.0.20 and prior to 6.1.6. Easily explo...

CWE-1252020

CVE-2020-2743

MEDIUM
CVSS:6.0(Medium)

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are Prior to 5.2.36, prior to 6.0.16 and prior to 6.1.2. Easily explo...

CWE-1252020