VMware Photon Os
By the Year
In 2024 there have been 0 vulnerabilities in VMware Photon Os . Last year Photon Os had 1 security vulnerability published. Right now, Photon Os is on track to have less security vulnerabilities in 2024 than it did last year.
| Year | Vulnerabilities | Average Score |
|---|---|---|
| 2024 | 0 | 0.00 |
| 2023 | 1 | 7.80 |
| 2022 | 1 | 5.30 |
| 2021 | 0 | 0.00 |
| 2020 | 1 | 8.20 |
| 2019 | 0 | 0.00 |
| 2018 | 0 | 0.00 |
It may take a day or so for new Photon Os vulnerabilities to show up in the stats or in the list of recent security vulnerabilties. Additionally vulnerabilities may be tagged under a different product or component name.
Recent VMware Photon Os Security Vulnerabilities
The vmwgfx driver contains a local privilege escalation vulnerability
CVE-2022-22942
7.8 - High
- December 13, 2023
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.
Dangling pointer
The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the package parameter
CVE-2021-22055
5.3 - Medium
- April 11, 2022
The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the package parameter. Attackers can also insert malicious data and fake entries.
Injection
A flaw was found in grub2, prior to version 2.06
CVE-2020-10713
8.2 - High
- July 30, 2020
A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain the ability to alter a pxe-boot network, or have remote access to a networked system with root access. With this access, an attacker could then craft a string to cause a buffer overflow by injecting a malicious payload that leads to arbitrary code execution within GRUB. The highest threat from this vulnerability is to data confidentiality and integrity as well as system availability.
Classic Buffer Overflow
Stay on top of Security Vulnerabilities
Want an email whenever new vulnerabilities are published for VMware Photon Os or by VMware? Click the Watch button to subscribe.
