VMware Workstation, VMware Fusion Security Vulnerabilities

CVE-2024-36907

In the Linux kernel, the following vulnerability has been resolved: SUNRPC: add a missing rpc_stat for TCP TLS Commit 1548036ef120 ("nfs: make the rpc_stat per net namespace") added functionality to specify rpc_stats function but missed adding it to the TCP TLS functionality. As the result,...

(Pwn2Own) VMware Workstation VBluetoothHCI_PacketOut Use-After-Free Privilege Escalation Vulnerability

This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...

SUSE: Security Advisory (SUSE-SU-2024:1844-1)

The remote host is missing an update for...

Out-of-bounds reads in Adobe Acrobat; Foxit PDF Reader contains vulnerability that could lead to SYSTEM-level privileges

Cisco Talos' Vulnerability Research team has helped to disclose and patch more than 20 vulnerabilities over the past three weeks, including two in the popular Adobe Acrobat Reader software. Acrobat, one of the most popular PDF readers currently available, contains two out-of-bounds read...

Check Point Warns of Zero-Day Attacks on its VPN Gateway Products

Check Point is warning of a zero-day vulnerability in its Network Security gateway products that threat actors have exploited in the wild. Tracked as CVE-2024-24919 (CVSS score: 8.6), the issue impacts CloudGuard Network, Quantum Maestro, Quantum Scalable Chassis, Quantum Security Gateways, and...

Oracle Linux 8 : krb5 (ELSA-2024-3268)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-3268 advisory. [1.18.2-27.0.1] - Fixed race condition in krb5_set_password() [Orabug: 33609767] [1.18.2-27] - Fix memory leak in GSSAPI interface Resolves:...

Critical Photon OS Security Update - PHSA-2024-3.0-0761

Updates of ['git'] packages of Photon OS have been...

krb5 security update

[1.18.2-27.0.1] - Fixed race condition in krb5_set_password() [Orabug: 33609767] [1.18.2-27] - Fix memory leak in GSSAPI interface Resolves: RHEL-27250 - Fix memory leak in PMAP RPC interface Resolves: RHEL-27244 - Make TCP waiting time configurable Resolves:...

RHEL 7 : rh-nodejs14 (RHSA-2024:3472)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3472 advisory. Node.js is a software development platform for building fast and scalable network applications in the JavaScript programming language. Security...

(RHSA-2024:3392) Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability

Talos Vulnerability Report TALOS-2024-1942 AutomationDirect P3-550E Telnet Diagnostic Interface leftover debug code vulnerability May 28, 2024 CVE Number CVE-2024-21785 SUMMARY A leftover debug code vulnerability exists in the Telnet Diagnostic Interface functionality of AutomationDirect P3-550E...

AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Read-What-Where vulnerability

Talos Vulnerability Report TALOS-2024-1941 AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Read-What-Where vulnerability May 28, 2024 CVE Number CVE-2024-23315 SUMMARY A read-what-where vulnerability exists in the Programming Software Connection IMM 01A1 Memory...

Moderate Photon OS Security Update - PHSA-2024-5.0-0280

Updates of ['curl'] packages of Photon OS have been...

AutomationDirect P3-550E Programming Software Connection scan_lib.bin library code injection vulnerability

Talos Vulnerability Report TALOS-2024-1943 AutomationDirect P3-550E Programming Software Connection scan_lib.bin library code injection vulnerability May 28, 2024 CVE Number CVE-2024-23601 SUMMARY A code injection vulnerability exists in the scan_lib.bin functionality of AutomationDirect P3-550E...

AutomationDirect P3-550E Programming Software Connection FileSelect stack-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1939 AutomationDirect P3-550E Programming Software Connection FileSelect stack-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24963,CVE-2024-24962 SUMMARY A stack-based buffer overflow vulnerability exists in the Programming Software...

AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Write-What-Where vulnerability

Talos Vulnerability Report TALOS-2024-1940 AutomationDirect P3-550E Programming Software Connection Remote Memory Diagnostics Write-What-Where vulnerability May 28, 2024 CVE Number CVE-2024-22187 SUMMARY A write-what-where vulnerability exists in the Programming Software Connection Remote Memory...

AutomationDirect P3-550E Programming Software Connection FiBurn heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1936 AutomationDirect P3-550E Programming Software Connection FiBurn heap-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24851 SUMMARY A heap-based buffer overflow vulnerability exists in the Programming Software Connection FiBurn...

RHEL 8 : pcp (RHSA-2024:3392)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3392 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

AutomationDirect P3-550E Programming Software Connection CurrDir heap-based buffer overflow vulnerability

Talos Vulnerability Report TALOS-2024-1937 AutomationDirect P3-550E Programming Software Connection CurrDir heap-based buffer overflow vulnerability May 28, 2024 CVE Number CVE-2024-24947,CVE-2024-24946 SUMMARY A heap-based buffer overflow vulnerability exists in the Programming Software...

AutomationDirect P3-550E Programming Software Connection FileSystem API out-of-bounds write vulnerabilities

Talos Vulnerability Report TALOS-2024-1938 AutomationDirect P3-550E Programming Software Connection FileSystem API out-of-bounds write vulnerabilities May 28, 2024 CVE Number CVE-2024-24956,CVE-2024-24957,CVE-2024-24959,CVE-2024-24958,CVE-2024-24955,CVE-2024-24954 SUMMARY Several out-of-bounds...

Oracle Linux 8 : fence-agents (ELSA-2024-2968)

The remote Oracle Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2024-2968 advisory. [4.2.1-129] - bundled urllib3: fix CVE-2023-45803 Resolves: RHEL-18132 - bundled pycryptodome: fix CVE-2023-52323 Resolves: RHEL-20915 -...

Exploit for Deserialization of Untrusted Data in Vmware Spring For Apache Kafka

CVE-2023-34040 Spring Kafka Deserialization Remote Code...

Moderate Photon OS Security Update - PHSA-2024-4.0-0618

Updates of ['dbus'] packages of Photon OS have been...

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities

Summary IBM Security Guardium has addressed these vulnerabilities with updates. Vulnerability Details ** CVEID: CVE-2023-34054 DESCRIPTION: **VMware Tanzu Reactor Netty is vulnerable to a denial of service, caused by a flaw when built-in integration with Micrometer is enabled. By sending...

Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack

The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure (ICS) involved the threat actor creating rogue virtual machines (VMs) within its VMware environment. "The adversary created....

Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern

Ransomware attacks targeting VMware ESXi infrastructure follow an established pattern regardless of the file-encrypting malware deployed, new findings show. "Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations and....

Security Bulletin: Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager (CVE-2024-22259, CVE-2024-22243, CVE-2024-22262).

Summary Vulnerability in Spring Framework affects IBM Tivoli Application Dependency Discovery Manager ((CVE-2024-22259, CVE-2024-22243, CVE-2024-22262). IBM has addressed the vulnerabilities. Vulnerability Details ** CVEID: CVE-2024-22262 DESCRIPTION: **VMware Tanzu Spring Framework could allow a.....

(RHSA-2024:3323) Important: pcp security update

Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance measurements. Its light-weight distributed architecture makes it particularly well-suited to centralized analysis of complex systems. Security Fix(es): pcp:.....

RHEL 8 : pcp (RHSA-2024:3323)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3323 advisory. Performance Co-Pilot (PCP) is a suite of tools, services, and libraries for acquisition, archiving, and analysis of system-level performance...

VMware ESXi Out-of-bounds read/write Vulnerability (VMSA-2024-0011)

VMware ESXi is prone to an out-of-bounds read/write...

VMware Workstation Multiple Vulnerabilities (VMSA_2024_0010) - Linux

VMware Workstation is prone to multiple ...

fence-agents security and bug fix update

[4.2.1-129] - bundled urllib3: fix CVE-2023-45803 Resolves: RHEL-18132 - bundled pycryptodome: fix CVE-2023-52323 Resolves: RHEL-20915 - bundled jinja2: fix CVE-2024-22195 Resolves: RHEL-22174 [4.2.1-127] - fence_scsi: fix registration handling if ISID conflicts Resolves: RHEL-5397 -...

Important Photon OS Security Update - PHSA-2024-3.0-0760

Updates of ['linux-aws', 'linux-rt', 'linux-secure', 'linux-esx', 'linux'] packages of Photon OS have been...

RHEL 8 : krb5 (RHSA-2024:3268)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:3268 advisory. Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of...

VMware Workstation Multiple Vulnerabilities (VMSA_2024_0010) - Windows

VMware Workstation is prone to multiple ...

VMware Fusion Multiple Vulnerabilities (VMSA_2024_0010) - Mac OS X

VMware Fusion is prone to multiple ...

RHEL 8 : fence-agents (RHSA-2024:2968)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2024:2968 advisory. The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or...

RHEL 7 : libreoffice (RHSA-2024:3304)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:3304 advisory. LibreOffice is an open source, community-developed office productivity suite. It includes key desktop applications, such as a word processor,...

(RHSA-2024:3268) Low: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

(RHSA-2024:2968) Moderate: fence-agents security and bug fix update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es): urllib3: Request body not stripped after redirect from 303 status...

CentOS 8 : krb5 (CESA-2024:3268)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:3268 advisory. Kerberos 5 (aka krb5) 1.21.2 contains a memory leak in /krb5/src/lib/rpc/pmap_rmt.c. (CVE-2024-26458) Kerberos 5 (aka krb5) 1.21.2 contains a memory...

VMware Workstation Out-of-bounds read/write Vulnerability (VMSA-2024-0011) - Linux

VMware Workstation is prone to an out of bounds read/write...

VMware Workstation Out-of-bounds read/write Vulnerability (VMSA-2024-0011) - Windows

VMware Workstation is prone to an out of bounds read/write...

CentOS 8 : fence-agents (CESA-2024:2968)

The remote CentOS Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the CESA-2024:2968 advisory. urllib3 is a user-friendly HTTP client library for Python. urllib3 previously wouldn't remove the HTTP request body when an HTTP redirect response...

VMware Workstation SVGA Heap-based Buffer Overflow Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Workstation. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file. The specific flaw exists...

Low: krb5 security update

Kerberos is a network authentication system, which can improve the security of your network by eliminating the insecure practice of sending passwords over the network in unencrypted form. It allows clients and servers to authenticate to each other with the help of a trusted third party, the...

Moderate: fence-agents security and bug fix update

The fence-agents packages provide a collection of scripts for handling remote power management for cluster devices. They allow failed or unreachable nodes to be forcibly restarted and removed from the cluster. Security Fix(es): urllib3: Request body not stripped after redirect from 303 status...

Moderate Photon OS Security Update - PHSA-2024-5.0-0275

Updates of ['wireshark'] packages of Photon OS have been...

Moderate Photon OS Security Update - PHSA-2024-4.0-0614

Updates of ['wireshark'] packages of Photon OS have been...

CVE-2024-22274

The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating...