Vmware Photon Os vulnerabilities

CVE-2022-22942 [HIGH] CWE-416 CVE-2022-22942: The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.

CVE-2021-22055 [MEDIUM] CWE-74 CVE-2021-22055: The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the packag The SchedulerServer in Vmware photon allows remote attackers to inject logs through \r in the package parameter. Attackers can also insert malicious data and fake entries.

CVE-2020-10713 [HIGH] CWE-120 CVE-2020-10713: A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and A flaw was found in grub2, prior to version 2.06. An attacker may use the GRUB 2 flaw to hijack and tamper the GRUB verification process. This flaw also allows the bypass of Secure Boot protections. In order to load an untrusted or modified kernel, an attacker would first need to establish access to the system such as gaining physical access, obtain th

CVE-2016-5333 [CRITICAL] CWE-798 CVE-2016-5333: VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys file, VMware Photos OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys file, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key.