Lucene search
K

13052 matches found

IBM Security Bulletins
IBM Security Bulletins
added 2024/06/12 9:25 a.m.36 views

Security Bulletin: IBM Sterling Connect:Direct for Microsoft Windows is vulnerable to multiple issues due to VMware Tanzu Spring

Summary There are vulnerabilities in VMware Tanzu Spring Security and Framework used by Integrated Web Services in IBM Sterling Connect:Direct for Microsoft Windows. IBM Sterling Connect:Direct for Microsoft Windows has addressed the applicable CVEs. Vulnerability Details CVEID:CVE-2024-22257...

8.2CVSS8AI score0.01191EPSS
Exploits2Affected Software1
Ubuntu
Ubuntu
added 2024/06/11 12:15 p.m.185 views

USN-6817-2: Linux kernel (OEM) vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS7.5AI score0.01635EPSS
Exploits0
OSV
OSV
added 2024/06/11 12:15 p.m.12 views

USN-6817-2 linux-oem-6.8 vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS6.7AI score0.01635EPSS
Exploits0References221
Tenable Nessus
Tenable Nessus
added 2024/06/10 12:0 a.m.90 views

Ubuntu 24.04 LTS : Linux kernel (OEM) vulnerabilities (USN-6817-2)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-2 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

9.1CVSS6.9AI score0.01635EPSS
Exploits0References215
Veeam
Veeam
added 2024/06/10 12:0 a.m.16 views

How to Enable Changed Block Tracking for Guest Cluster on vSphere with Tanzu

Purpose Changed Block Tracking is a VMware feature that tracks changes in virtual disks. Veeam Kasten for Kubernetes uses this feature in vSphere with Tanzu Guest Clusters to efficiently back up Persistent Volumes. Enabling Changed Block Tracking in each Supervisor Cluster where Veeam Kasten for...

7.2AI score
Exploits0
Ubuntu
Ubuntu
added 2024/06/07 6:49 p.m.129 views

USN-6817-1: Linux kernel vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS7.5AI score0.01635EPSS
Exploits0
OSV
OSV
added 2024/06/07 6:49 p.m.14 views

USN-6817-1 linux-aws, linux-gcp vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS6.7AI score0.01635EPSS
Exploits0References221
OSV
OSV
added 2024/06/07 6:18 p.m.24 views

USN-6816-1 linux, linux-ibm, linux-lowlatency, linux-raspi vulnerabilities

Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereference. A local attacker could possibly trigger this vulnerability to cause a denial of service. CVE-2022-38096 Zheng Wang discovered that the Broadc...

9.1CVSS6.7AI score0.01635EPSS
Exploits0References222
Tenable Nessus
Tenable Nessus
added 2024/06/07 12:0 a.m.130 views

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6816-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6816-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

9.1CVSS6.9AI score0.01635EPSS
Exploits0References216
Tenable Nessus
Tenable Nessus
added 2024/06/07 12:0 a.m.74 views

Ubuntu 24.04 LTS : Linux kernel vulnerabilities (USN-6817-1)

The remote Ubuntu 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6817-1 advisory. Ziming Zhang discovered that the DRM driver for VMware Virtual GPU did not properly handle certain error conditions, leading to a NULL pointer dereferenc...

9.1CVSS6.9AI score0.01635EPSS
Exploits0References215
OSV
OSV
added 2024/06/06 12:29 p.m.5 views

USN-6567-2 qemu regression

USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in certain environments. This update fixes the problem. Original advisory details: Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the...

6.2AI score
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/06/06 12:0 a.m.51 views

Ubuntu 20.04 LTS / 22.04 LTS : QEMU regression (USN-6567-2)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-6567-2 advisory. USN-6567-1 fixed vulnerabilities QEMU. The fix for CVE-2023-2861 was too restrictive and introduced a behaviour change leading to a regression in...

7.1CVSS6.3AI score0.00373EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2024/06/05 8:40 p.m.35 views

Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in spring-web-5.3.15.jar

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of spring-web-5.3.15.jar Vulnerability Details CVEID:CVE-2024-22243 DESCRIPTION: VMware Tanzu Spring Framework could allow a remote attacker to conduct phishing attacks, caused by an open redirect vulnerability...

8.1CVSS7.8AI score0.03967EPSS
Exploits1Affected Software1
Trend Micro Simply Security
Trend Micro Simply Security
added 2024/06/05 12:0 a.m.11 views

TargetCompany’s Linux Variant Targets ESXi Environments

In this blog entry, our researchers provide an analysis of TargetCompany ransomware’s Linux variant and how it targets VMware ESXi environments using new methods for payload delivery and execution...

7.5AI score
Exploits0
OSV
OSV
added 2024/06/03 8:15 a.m.1 views

DEBIAN-CVE-2024-36960

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drmevent to the size of the structure that's actually used. The length of the drmevent was set to the parent structure instead of to the...

7.1CVSS5.8AI score0.00288EPSS
Exploits0References1
OSV
OSV
added 2024/06/03 8:15 a.m.1 views

UBUNTU-CVE-2024-36960

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Fix invalid reads in fence signaled events Correctly set the length of the drmevent to the size of the structure that's actually used. The length of the drmevent was set to the parent structure instead of to the...

7.1CVSS6.2AI score0.00288EPSS
Exploits0References29
Veeam
Veeam
added 2024/06/03 12:0 a.m.16 views

Job For .local Domain Fails When Using Ubuntu-base VMware Backup Proxy

Challenge Backup of VMware VMs fails when using an Ubuntu-based Linux VMware Proxy, and the VMware environment is added to Veeam with an FQDN ending in .local e.g., esxi.somedomain.local. In the Task Log, errors related to NFC connectivity can be found: Processing Error: NFC storage connection is...

6.5AI score
Exploits0
Zero Day Initiative
Zero Day Initiative
added 2024/05/31 12:0 a.m.21 views

(Pwn2Own) VMware Workstation hgfsVMCI_fileread Use of Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS6.7AI score0.00505EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2024/05/31 12:0 a.m.18 views

(Pwn2Own) VMware Workstation UrbBuf_getDataBuf Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS6.7AI score0.00505EPSS
Exploits0References1
BDU FSTEC
BDU FSTEC
added 2024/05/31 12:0 a.m.7 views

The vulnerability of microprogramming software in VMware SD-WAN Edge devices, related to authentication procedures that allow attackers to access the BIOS configuration.

The vulnerability of microprogramming software in VMware SD-WAN Edge devices related to authentication procedures’ deficiencies. Exploiting this vulnerability could allow attackers to access the BIOS configuration...

4.8CVSS7.2AI score0.00215EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder