VulnCheck KEV: CVE-2024-22252

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

VulnCheck KEV: CVE-2024-22253

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the...

Photon OS 4.0: Openssl PHSA-2024-4.0-0684

An update of the openssl package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0684. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Vim PHSA-2024-4.0-0689

An update of the vim package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0689. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid20696...

Exploit for Code Injection in Vmware Spring_Cloud_Data_Flow

CVE-2024-37084-Poc Setup ,Analysis , Demo exploit and poc abou...

Photon OS 5.0: Linux PHSA-2024-5.0-0367

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0367. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Linux PHSA-2024-4.0-0685

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0685. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Linux PHSA-2024-5.0-0359

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0359. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Linux PHSA-2024-4.0-0678

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0678. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Unbound PHSA-2024-4.0-0677

An update of the unbound package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0677. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 3.0: Krb5 PHSA-2024-3.0-0791

An update of the krb5 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0791. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Krb5 PHSA-2024-5.0-0355

An update of the krb5 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0355. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Python3 PHSA-2024-5.0-0354

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0354. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 4.0: Python3 PHSA-2024-4.0-0673

An update of the python3 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0673. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2024-38811

VMware Fusion 13.x before 13.6 contains a code-execution vulnerability due to the usage of an insecure environment variable. A malicious actor with standard user privileges may exploit this vulnerability to execute code in the context of the Fusion application...

CVE-2024-38811

VMware Fusion 13.x before 13.6 contains a code-execution vulnerability due to the usage of an insecure environment variable. A malicious actor with standard user privileges may exploit this vulnerability to execute code in the context of the Fusion application...

CVE-2024-38811 Code-execution vulnerability

VMware Fusion 13.x before 13.6 contains a code-execution vulnerability due to the usage of an insecure environment variable. A malicious actor with standard user privileges may exploit this vulnerability to execute code in the context of the Fusion application...

CVE-2024-38811 Code-execution vulnerability

VMware Fusion 13.x before 13.6 contains a code-execution vulnerability due to the usage of an insecure environment variable. A malicious actor with standard user privileges may exploit this vulnerability to execute code in the context of the Fusion application...

CVE-2024-38811

VMware Fusion for macOS versions 13.x before 13.6 contains a code‑execution vulnerability due to insecure handling of an environment variable. The root cause is an insecure environment variable usage inside the Fusion application, which could allow a local attacker with standard user privileges t...

VMware Fusion 安全漏洞

VMware Fusion is a suite of virtual machine software from VMware, Inc. designed to run Windows applications on Macs. A security vulnerability exists in VMware Fusion that stems from the use of insecure environment variables, resulting in a code execution vulnerability...