[{"data":1,"prerenderedAt":-1},["ShallowReactive",2],{"repo-stars":3,"vuln-CVE-2022-22942":6},{"stargazers_count":4,"fetched_at":5},7,"2026-06-04T02:53:27.892Z",{"id":7,"descriptions":8,"cisa":9,"weaknesses":10,"exploits":20,"aliases":44,"duplicate_of":9,"upstream":45,"downstream":46,"duplicates":173,"related":174,"reserved_at":9,"published_at":204,"modified_at":205,"state":206,"summary":207,"references_raw":215,"kevs":232,"epss":233,"epss_history":236,"metrics":480,"affected":488},"CVE-2022-22942","The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.",null,[11],{"_key":12,"id":12,"name":13,"description":14,"type":15,"status":16,"abstraction":17,"likelihood_of_exploit":18,"capec":19},"CWE-416","Use After Free","The product reuses or references memory after it has been freed. At some point afterward, the memory may be allocated again and saved in another pointer, while the original pointer references a location somewhere within the new allocation. Any operations using the original pointer are no longer valid because the memory \"belongs\" to the code that operates on the new pointer.","weakness","Stable","Variant","High",[],[21],{"_key":22,"name":23,"source":24,"url":25,"maturity":26,"reliability_score":27,"verified":28,"type":29,"platforms":30,"requires_auth":31,"exploitdb":9,"metasploit":32},"MSF_EXPLOIT_LINUX_LOCAL_VMWGFX_FD_PRIV_ESC","vmwgfx Driver File Descriptor Handling Priv Esc","metasploit","https://github.com/rapid7/metasploit-framework/blob/master/modules/exploit/linux/local/vmwgfx_fd_priv_esc.rb","weaponized",0.6666666666666666,true,"remote",[],false,{"fullname":33,"rank":34,"rank_name":35,"post_auth":31,"check":28,"notes":36},"exploit/linux/local/vmwgfx_fd_priv_esc",400,"good",{"Stability":37,"SideEffects":39,"Reliability":42},[38],"crash-os-down",[40,41],"artifacts-on-disk","ioc-in-logs",[43],"repeatable-session",[],[],[47,49,51,53,55,57,59,61,63,65,67,69,71,73,75,77,79,81,83,85,87,89,91,93,95,97,99,101,103,105,107,109,111,113,115,117,119,121,123,125,127,129,131,133,135,137,139,141,143,145,147,149,151,153,155,157,159,161,163,165,167,169,171],{"_key":48},"SUSE-SU-2022:0363-1",{"_key":50},"SUSE-SU-2022:0364-1",{"_key":52},"SUSE-SU-2022:0365-1",{"_key":54},"SUSE-SU-2022:0370-1",{"_key":56},"SUSE-SU-2022:0372-1",{"_key":58},"SUSE-SU-2022:0543-1",{"_key":60},"SUSE-SU-2022:0544-1",{"_key":62},"SUSE-SU-2022:0555-1",{"_key":64},"SUSE-SU-2022:1172-1",{"_key":66},"SUSE-SU-2022:1189-1",{"_key":68},"SUSE-SU-2022:1193-1",{"_key":70},"SUSE-SU-2022:1194-1",{"_key":72},"SUSE-SU-2022:1212-1",{"_key":74},"SUSE-SU-2022:1223-1",{"_key":76},"SUSE-SU-2022:1242-1",{"_key":78},"SUSE-SU-2022:1246-1",{"_key":80},"SUSE-SU-2022:1278-1",{"_key":82},"SUSE-SU-2022:1593-1",{"_key":84},"SUSE-SU-2024:2360-1",{"_key":86},"SUSE-SU-2024:2362-1",{"_key":88},"SUSE-SU-2024:2365-1",{"_key":90},"SUSE-SU-2024:2561-1",{"_key":92},"SUSE-SU-2022:2111-1",{"_key":94},"OPENSUSE-SU-2022:0363-1",{"_key":96},"OPENSUSE-SU-2022:0370-1",{"_key":98},"OPENSUSE-SU-2024:11796-1",{"_key":100},"OPENSUSE-SU-2024:13704-1",{"_key":102},"RHSA-2022:0771",{"_key":104},"RHSA-2022:0772",{"_key":106},"RHSA-2022:0777",{"_key":108},"RHSA-2022:0841",{"_key":110},"RHSA-2022:0592",{"_key":112},"RHSA-2022:1103",{"_key":114},"RHSA-2022:1107",{"_key":116},"RHSA-2022:1324",{"_key":118},"RHSA-2022:1373",{"_key":120},"DLA-2941-1",{"_key":122},"DSA-5092-1",{"_key":124},"DSA-5096-1",{"_key":126},"RHSA-2022:0620",{"_key":128},"RHSA-2022:0622",{"_key":130},"MGASA-2022-0041",{"_key":132},"MGASA-2022-0042",{"_key":134},"DEBIAN-CVE-2022-22942",{"_key":136},"RHSA-2022:1263",{"_key":138},"RHSA-2022:0819",{"_key":140},"RHSA-2022:0820",{"_key":142},"RHSA-2022:0821",{"_key":144},"RHSA-2022:0823",{"_key":146},"RHSA-2022:0825",{"_key":148},"RHSA-2022:0849",{"_key":150},"RHSA-2022:0851",{"_key":152},"RHSA-2022:0925",{"_key":154},"RHSA-2022:0958",{"_key":156},"UBUNTU-CVE-2022-22942",{"_key":158},"USN-5294-1",{"_key":160},"USN-5294-2",{"_key":162},"USN-5295-1",{"_key":164},"USN-5295-2",{"_key":166},"USN-5297-1",{"_key":168},"USN-5298-1",{"_key":170},"USN-5278-1",{"_key":172},"USN-5362-1",[],[175,176,177,178,179,180,181,182,183,184,185,186,187,188,189,190,191,192,193,194,195,196,197,198,199,200,201,202,203],{"_key":48},{"_key":50},{"_key":52},{"_key":54},{"_key":56},{"_key":58},{"_key":60},{"_key":62},{"_key":64},{"_key":66},{"_key":68},{"_key":70},{"_key":72},{"_key":74},{"_key":76},{"_key":78},{"_key":80},{"_key":82},{"_key":84},{"_key":86},{"_key":88},{"_key":90},{"_key":92},{"_key":94},{"_key":96},{"_key":98},{"_key":100},{"_key":130},{"_key":132},"2023-12-13T08:16:34.363Z","2024-08-03T03:28:42.652Z","Modified",{"cisa_kev":31,"cisa_ransomware":31,"cisa_vendor":9,"epss_severity":208,"epss_score":209,"severity":210,"severity_score":211,"severity_version":212,"severity_source":213,"severity_vector":214,"severity_status":206},"medium",0.13534,"high",7.8,"v3.1","cve.org","CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",[216,222,226],{"url":217,"sources":218,"tags":220},"https://github.com/vmware/photon/wiki/Security-Update-3.0-356",[213,219],"nvd",[221],"Release Notes",{"url":223,"sources":224,"tags":225},"https://github.com/vmware/photon/wiki/Security-Update-4.0-148",[213,219],[221],{"url":227,"sources":228,"tags":229},"https://www.openwall.com/lists/oss-security/2022/01/27/4",[213,219],[230,231],"Mailing List","Third Party Advisory",[],{"date":234,"score":209,"percentile":235},"2026-06-03",0.94356,[237,241,243,246,249,252,254,256,259,262,265,268,271,273,276,280,283,286,289,292,295,298,301,303,306,309,311,314,317,320,322,324,326,328,330,333,336,339,342,345,348,350,353,356,359,362,364,367,369,372,374,377,380,383,386,389,392,394,396,399,402,405,407,409,411,414,417,419,422,425,427,429,432,434,437,440,443,445,447,450,453,456,459,462,465,467,470,472,474,477],{"date":238,"score":239,"percentile":240},"2025-11-04",0.13103,0.93805,{"date":242,"score":239,"percentile":240},"2025-11-05",{"date":244,"score":239,"percentile":245},"2025-11-06",0.93807,{"date":247,"score":239,"percentile":248},"2025-11-07",0.9381,{"date":250,"score":239,"percentile":251},"2025-11-08",0.93811,{"date":253,"score":239,"percentile":248},"2025-11-09",{"date":255,"score":239,"percentile":251},"2025-11-10",{"date":257,"score":239,"percentile":258},"2025-11-11",0.93813,{"date":260,"score":239,"percentile":261},"2025-11-12",0.93819,{"date":263,"score":239,"percentile":264},"2025-11-13",0.9382,{"date":266,"score":239,"percentile":267},"2025-11-14",0.93824,{"date":269,"score":239,"percentile":270},"2025-11-15",0.93821,{"date":272,"score":239,"percentile":267},"2025-11-16",{"date":274,"score":239,"percentile":275},"2025-11-17",0.93823,{"date":277,"score":278,"percentile":279},"2025-11-18",0.20478,0.95137,{"date":281,"score":278,"percentile":282},"2025-11-19",0.95138,{"date":284,"score":278,"percentile":285},"2025-11-20",0.95141,{"date":287,"score":239,"percentile":288},"2025-11-21",0.93831,{"date":290,"score":239,"percentile":291},"2025-11-22",0.9383,{"date":293,"score":239,"percentile":294},"2025-11-23",0.93836,{"date":296,"score":239,"percentile":297},"2025-11-24",0.93838,{"date":299,"score":239,"percentile":300},"2025-11-25",0.93839,{"date":302,"score":239,"percentile":297},"2025-11-26",{"date":304,"score":239,"percentile":305},"2025-11-27",0.9384,{"date":307,"score":239,"percentile":308},"2025-11-28",0.93833,{"date":310,"score":239,"percentile":297},"2025-11-29",{"date":312,"score":239,"percentile":313},"2025-11-30",0.93837,{"date":315,"score":239,"percentile":316},"2025-12-01",0.93885,{"date":318,"score":239,"percentile":319},"2025-12-02",0.93886,{"date":321,"score":239,"percentile":319},"2025-12-03",{"date":323,"score":239,"percentile":294},"2025-12-04",{"date":325,"score":239,"percentile":305},"2025-12-05",{"date":327,"score":239,"percentile":305},"2025-12-06",{"date":329,"score":239,"percentile":300},"2025-12-07",{"date":331,"score":239,"percentile":332},"2025-12-08",0.93841,{"date":334,"score":239,"percentile":335},"2025-12-09",0.93847,{"date":337,"score":239,"percentile":338},"2025-12-10",0.93853,{"date":340,"score":239,"percentile":341},"2025-12-11",0.93855,{"date":343,"score":239,"percentile":344},"2025-12-12",0.93857,{"date":346,"score":239,"percentile":347},"2025-12-13",0.93856,{"date":349,"score":239,"percentile":341},"2025-12-14",{"date":351,"score":239,"percentile":352},"2025-12-15",0.93858,{"date":354,"score":239,"percentile":355},"2025-12-16",0.93861,{"date":357,"score":239,"percentile":358},"2025-12-17",0.93865,{"date":360,"score":239,"percentile":361},"2025-12-18",0.93869,{"date":363,"score":239,"percentile":361},"2025-12-19",{"date":365,"score":239,"percentile":366},"2025-12-20",0.93867,{"date":368,"score":239,"percentile":366},"2025-12-21",{"date":370,"score":239,"percentile":371},"2025-12-22",0.93868,{"date":373,"score":239,"percentile":366},"2025-12-23",{"date":375,"score":239,"percentile":376},"2025-12-24",0.9387,{"date":378,"score":239,"percentile":379},"2025-12-25",0.93878,{"date":381,"score":239,"percentile":382},"2025-12-26",0.93876,{"date":384,"score":239,"percentile":385},"2025-12-27",0.93922,{"date":387,"score":239,"percentile":388},"2025-12-28",0.93873,{"date":390,"score":239,"percentile":391},"2025-12-29",0.93871,{"date":393,"score":239,"percentile":388},"2025-12-30",{"date":395,"score":239,"percentile":379},"2025-12-31",{"date":397,"score":239,"percentile":398},"2026-01-01",0.93921,{"date":400,"score":239,"percentile":401},"2026-01-02",0.93917,{"date":403,"score":239,"percentile":404},"2026-01-03",0.93914,{"date":406,"score":239,"percentile":388},"2026-01-04",{"date":408,"score":239,"percentile":376},"2026-01-05",{"date":410,"score":239,"percentile":391},"2026-01-06",{"date":412,"score":239,"percentile":413},"2026-01-07",0.93872,{"date":415,"score":239,"percentile":416},"2026-01-08",0.93875,{"date":418,"score":239,"percentile":379},"2026-01-09",{"date":420,"score":239,"percentile":421},"2026-01-10",0.93879,{"date":423,"score":239,"percentile":424},"2026-01-11",0.93877,{"date":426,"score":239,"percentile":416},"2026-01-12",{"date":428,"score":239,"percentile":382},"2026-01-13",{"date":430,"score":239,"percentile":431},"2026-01-14",0.93884,{"date":433,"score":239,"percentile":319},"2026-01-15",{"date":435,"score":239,"percentile":436},"2026-01-16",0.9389,{"date":438,"score":239,"percentile":439},"2026-01-17",0.93895,{"date":441,"score":239,"percentile":442},"2026-01-18",0.93891,{"date":444,"score":239,"percentile":436},"2026-01-19",{"date":446,"score":239,"percentile":442},"2026-01-20",{"date":448,"score":239,"percentile":449},"2026-01-21",0.93894,{"date":451,"score":239,"percentile":452},"2026-01-22",0.93898,{"date":454,"score":239,"percentile":455},"2026-01-23",0.93904,{"date":457,"score":239,"percentile":458},"2026-01-24",0.93908,{"date":460,"score":239,"percentile":461},"2026-01-25",0.9391,{"date":463,"score":239,"percentile":464},"2026-01-26",0.93912,{"date":466,"score":239,"percentile":464},"2026-01-27",{"date":468,"score":239,"percentile":469},"2026-01-28",0.93916,{"date":471,"score":239,"percentile":401},"2026-01-29",{"date":473,"score":239,"percentile":469},"2026-01-30",{"date":475,"score":239,"percentile":476},"2026-01-31",0.93918,{"date":478,"score":239,"percentile":479},"2026-02-01",0.93955,[481,486],{"source":213,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":482,"cvss_v4_0":9},{"baseScore":211,"baseSeverity":483,"vectorString":214,"impactScore":484,"exploitabilityScore":485},"HIGH",9.8,4.6,{"source":219,"cvss_v2_0":9,"cvss_v3_0":9,"cvss_v3_1":487,"cvss_v4_0":9},{"baseScore":211,"baseSeverity":483,"vectorString":214,"impactScore":484,"exploitabilityScore":485},[489],{"ecosystem":9,"name":490,"vendor":491,"product":492,"cpe_part":493,"purl_type":9,"purl_namespace":9,"purl_name":9,"source":9,"versions":494},"photon os","vmware","photon_os","o",[495,498],{"version":496,"is_range":31,"range_type":497,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"3.0","cpe",{"version":499,"is_range":31,"range_type":497,"version_start":9,"version_start_type":9,"version_end":9,"version_end_type":9,"fixed_in":9},"4.0"]