13049 matches found
VMware Fusion 安全漏洞
VMware Fusion is a suite of virtual machine software from VMware, Inc. designed to run Windows applications on Macs. A security vulnerability exists in VMware Fusion that stems from the use of insecure environment variables, resulting in a code execution vulnerability...
VMware Fusion 13.0.x < 13.6 Vulnerability (VMSA-2024-0018)
The version of VMware Fusion installed on the remote macOS or Mac OS X host is 13.0.x prior to 13.6. It is, therefore, affected by a vulnerability. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...
Log4Shell HTTP Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'Log4Shell HTTP Scanner', 'Description' = %q Versions of Apache Log4j2 impacted by CVE-2021-44228 which allow JNDI features used in configuration,...
VMWare Update Manager 4 Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule "VMWare Update Manager 4 Directory Traversal", 'Description' = %q This modules exploits a directory traversal vulnerability in VMWare Update Manag...
SaltStack Salt Master Server Root Key Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'SaltStack Salt Master Server Root Key Disclosure', 'Description' = %q This module exploits unauthenticated access to the prepauthinfo method in t...
VMware VCenter Server Vmdir Authentication Bypass
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware vCenter Server vmdir Authentication Bypass', 'Description' = %q This module bypasses LDAP authentication in VMware vCenter Server's vmdir...
VMware Server Directory Traversal
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware Server Directory Traversal Vulnerability', 'Description' = 'This modules exploits the VMware Server Directory Traversal vulnerability in...
VMware vCenter Server vmdir Information Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMware vCenter Server vmdir Information Disclosure', 'Description' = %q This module uses an anonymous-bind LDAP connection to dump data from the...
VMWare Web Login Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMWare Web Login Scanner', 'Description' = 'This module attempts to authenticate to the VMWare HTTP service for VmWare Server, ESX, and ESXI',...
VMWare Enumerate User Accounts
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'VMWare Enumerate User Accounts', 'Description' = %Q This module will log into the Web API of VMWare and try to enumerate all the user accounts. I...
LDAP Information Disclosure
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'LDAP Information Disclosure', 'Description' = %q This module uses an anonymous-bind LDAP connection to dump data from an LDAP server. Searching f...
CVE-2024-45488
One Identity Safeguard for Privileged Passwords before 7.5.2 allows unauthorized access because of an issue related to cookies. This only affects virtual appliance installations VMware or HyperV. The fixed versions are 7.0.5.1 LTS, 7.4.2, and 7.5.2...
CVE-2024-45488
One Identity Safeguard for Privileged Passwords (virtual appliances on VMware/HyperV) is affected by CVE-2024-45488. The issue is described as an authentication bypass due to a cookie-related flaw that allows unauthorized access. Affected versions are prior to 7.5.2, with fixed releases in 7.0.5....
Photon OS 3.0: Go PHSA-2024-3.0-0785
An update of the go package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0785. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid206342...
Photon OS 3.0: Linux PHSA-2024-3.0-0788
An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-3.0-0788. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
PT-2024-31658 · Vmware +2 · Vmware +2
Name of the Vulnerable Software and Affected Versions: One Identity Safeguard for Privileged Passwords versions prior to 7.5.2 One Identity Safeguard for Privileged Passwords version 7.0.5.1 LTS One Identity Safeguard for Privileged Passwords version 7.4.2 Description: The issue allows unauthoriz...
BlackByte Ransomware Exploits New VMware Flaw in VPN-Based Attacks
BlackByte ransomware group is leveraging a newly discovered VMware ESXi vulnerability and VPN access to launch a new…...
BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave
The threat actors behind the BlackByte ransomware group have been observed likely exploiting a recently patched security flaw impacting VMware ESXi hypervisors, while also leveraging various vulnerable drivers to disarm security protections. "The BlackByte ransomware group continues to leverage...
Photon OS 4.0: Libtiff PHSA-2024-4.0-0673
An update of the libtiff package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0673. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Libtiff PHSA-2024-5.0-0354
An update of the libtiff package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0354. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...