The vulnerability of the VMware ESXi hypervisor, related to memory-walking, allows a attacker to trigger a service failure.

The vulnerability of the VMware ESXi hypervisor is related to reading beyond the memory boundary. Exploiting this vulnerability can allow an attacker to cause a service failure...

The vulnerability of the VMware ESXi hypervisor, related to deficiencies in authentication procedures, allows attackers to bypass the authentication process.

The vulnerability of the VMware ESXi hypervisor is related to deficiencies in the authentication process. Exploiting this vulnerability can allow a malicious actor to bypass the authentication process...

The vulnerability of the Hitachi Storage Provider for VMware vCenter storage system, related to the improper use of standard permissions, allows a malicious actor to read or modify protected information.

The vulnerability of the Hitachi Storage Provider for VMware vCenter storage system is related to the improper use of standard permissions. Exploiting this vulnerability may allow an attacker to read or modify the protected information...

USN-6878-1: Linux kernel (Oracle) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

USN-6878-1 linux-oracle vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

CVE-2024-22277

VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...

CVE-2024-22277

VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...

CVE-2024-22277

VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...

CVE-2024-22277

VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...

CVE-2024-22277

CVE-2024-22277 affects VMware Cloud Director Availability. An HTML injection vulnerability allows a network-authenticated attacker to craft malicious HTML tags that execute within replication tasks. The issue is addressed by VMware in the 4.7.2 release; advisory indicates affected product lines i...

PT-2024-5011 · Vmware · Vmware Cloud Director Availability

Name of the Vulnerable Software and Affected Versions: VMware Cloud Director Availability affected versions not specified Description: The issue is related to an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags...

VMware Cloud Director Availability Security Vulnerability

VMware Cloud Director Availability is a Disaster Recovery-as-a-Service DRaaS solution from VMware, Inc. A security vulnerability exists in VMware Cloud Director Availability that stems from the inclusion of HTML injection, which allows an attacker with network access to craft malicious HTML tags...

Ubuntu 24.04 LTS : Linux kernel (Oracle) vulnerabilities (USN-6878-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6878-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

VMSA-2024-0016: VMware Cloud Director Availability addresses an HTML injection vulnerability (CVE-2024-22277)

Advisory ID: | VMSA-2024-0016 ---|--- Severity: | Moderate CVSSv3 Range: | 6.4 Issue date: | 2024-07-04 Updated on: | 2024-07-04 Initial Advisory CVEs | CVE-2024-22277 Synopsis: | VMware Cloud Director Availability addresses an HTML injection vulnerability CVE-2024-22277 1. Impacted Products...

VMware Enhanced Authentication Plug-in Installed (Windows)

Binary data vmwareenhancedauthenticationplug-inwininstalled.nbin...

Security Bulletin: IBM Watson Assistant for IBM Cloud Pak for Data is vulnerable to open redirect vulnerability in VMware Tanzu Spring Framework ( CVE-2024-22243)

Summary Potential open redirect vulnerability in VMware Tanzu Spring Framework CVE-2024-22243 has been identified that may affect IBM Watson Assistant for IBM Cloud Pak for Data. The vulnerability has been addressed. Refer to details for additional information. Vulnerability Details...

Security Bulletin: Vulnerability in VMware Tanzu Spring Framework affects IBM Process Mining CVE-2024-22262

Summary There is a vulnerability in VMware Tanzu Spring Framework that could allow a remote attacker to conduct phishing attacks on the system. The code is used by IBM Process Mining. This bulletin identifies the security fixes to apply to address the vulnerability. Vulnerability Details...

VMware vCenter Server 7.0 < 7.0U3q / 8.0 < 8.0U3 DoS (CVE-2024-37087)

The version of VMware vCenter Server installed on the remote host is 7.0 prior to 7.0U3q, or 8.0 prior to 8.0U3. It is, therefore, affected by an denial-of-service vulnerability as referenced in the VMSA-2024-0013 advisory. Note that Nessus has not tested for these issues but has instead relied...

VMware ESXi 7.0 / 8.0 Out-of-Bounds read (CVE-2024-37086)

The version of VMware ESXi installed on the remote host is prior to 7.0 Update 3q or 8.0 prior to 8.0 Update 3. It is, therefore, affected by an out-of-bounds read vulnerability as referenced in the VMSA-2024-0013 advisory: Note that Nessus has not tested for these issues but has instead relied...

VMware ESXi 7.0 / 8.0 Authenticaton Bypass (CVE-2024-37085)

The version of VMware ESXi installed on the remote host is prior to 8.0 Update 3. It is, therefore, affected by an authentication bypass vulnerability as referenced in the VMSA-2024-0013 advisory. Note that Nessus has not tested for these issues but has instead relied only on the application's...