13049 matches found
PT-2024-28233 · Vmware +1 · Vmware Spring +1
Name of the Vulnerable Software and Affected Versions: VMware Spring versions prior to 6.1.13 Description: The issue concerns improper access controls via DataBinder and String.toLowerCase, which has locale-dependent exceptions. This could result in fields not being protected as expected,...
CVE-2024-38814
An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A malicious authenticated user with non-administrator privileges may be able to enter specially crafted SQL queries and perform unauthorized remote code execution on the HCX manager. Updates are available...
CVE-2024-38814
An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A malicious authenticated user with non-administrator privileges may be able to enter specially crafted SQL queries and perform unauthorized remote code execution on the HCX manager. Updates are available...
CVE-2024-38814
An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A malicious authenticated user with non-administrator privileges may be able to enter specially crafted SQL queries and perform unauthorized remote code execution on the HCX manager. Updates are available...
CVE-2024-38814
The CVE-2024-38814 issue affects VMware HCX. It is an authenticated SQL injection in the listExtensions method that can allow a non-administrator, authenticated user to craft SQL queries and potentially achieve remote code execution on the HCX manager. Documented impact is high (CVE-2024-38814 CV...
CVE-2024-38814
An authenticated SQL injection vulnerability in VMware HCX was privately reported to VMware. A malicious authenticated user with non-administrator privileges may be able to enter specially crafted SQL queries and perform unauthorized remote code execution on the HCX manager. Updates are available...
VMware HCX SQL注入漏洞
VMware HCX is an application mobility platform from VMware, Inc. designed to simplify application migration, workload rebalancing, and business continuity across data centers and clouds. VMware HCX suffers from a SQL injection vulnerability that stems from a vulnerability that could allow a...
VMSA-2024-0021: VMware HCX addresses an authenticated SQL injection vulnerability (CVE-2024-38814)
Advisory ID: | VMSA-2024-0021 ---|--- Severity: | Important CVSSv3 Range: | 8.8 Synopsis: | VMware HCX addresses an authenticated SQL injection vulnerability CVE-2024-38814 Issue Date: | 2024-10-16 Updated On: | 2024-10-16 Initial Advisory CVEs: | CVE-2024-38814 1. Impacted Products VMware HCX 2...
Exploit for Code Injection in Vmware Spring_Cloud_Data_Flow
Use dnslog to detect whether CVE-2024-37084 vulnerability exi...
Exploit for Code Injection in Vmware Spring_Cloud_Data_Flow
Detect vulnerabilities First, Use dnslog to detect whether CV...
drm/vmwgfx: Fix a deadlock in dma buf fence polling
...
VulnCheck KEV: CVE-2024-22254
VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox...
VulnCheck KEV: CVE-2024-22255
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process...
CVE-2024-38818
VMware NSX contains a local privilege escalation vulnerability. An authenticated malicious actor may exploit this vulnerability to obtain permissions from a separate group role than previously assigned...
CVE-2024-38815
VMware NSX contains a content spoofing vulnerability. An unauthenticated malicious actor may be able to craft a URL and redirect a victim to an attacker controlled domain leading to sensitive information disclosure...
CVE-2024-38815
VMware NSX contains a content spoofing vulnerability. An unauthenticated malicious actor may be able to craft a URL and redirect a victim to an attacker controlled domain leading to sensitive information disclosure...
CVE-2024-38815
VMware NSX contains a content spoofing vulnerability (CVE-2024-38815). An unauthenticated attacker can craft a URL that redirects victims to an attacker‑controlled domain, potentially leading to information disclosure. Affects VMware NSX and related NSX components; CVSSv3 base score up to 4.3 (Me...
CVE-2024-38815
VMware NSX contains a content spoofing vulnerability. An unauthenticated malicious actor may be able to craft a URL and redirect a victim to an attacker controlled domain leading to sensitive information disclosure...
CVE-2024-38818
VMware NSX contains a local privilege escalation vulnerability. An authenticated malicious actor may exploit this vulnerability to obtain permissions from a separate group role than previously assigned...
CVE-2024-38818
VMware NSX contains a local privilege escalation vulnerability. An authenticated malicious actor may exploit this vulnerability to obtain permissions from a separate group role than previously assigned...