13052 matches found
CVE-2024-36907
...
CVE-2024-36907
...
RedTail Crypto-Mining Malware Exploiting Palo Alto Networks Firewall Vulnerability
The threat actors behind the RedTail cryptocurrency mining malware have added a recently disclosed security flaw impacting Palo Alto Networks firewalls to its exploit arsenal. The addition of the PAN-OS vulnerability to its toolkit has been complemented by updates to the malware, which now...
(Pwn2Own) VMware Workstation VBluetoothHCI_PacketOut Use-After-Free Privilege Escalation Vulnerability
This vulnerability allows local attackers to escalate privileges on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the...
VMware ESXi Out-of-Bounds Write Vulnerability
VMware ESXi is a server virtualization platform from VMware that can be installed directly on physical servers. An out-of-bounds write vulnerability exists in VMware ESXi, which can be exploited by a local attacker with administrative privileges to cause a sandbox escape...
The vulnerability of controllers for hypervisor storage in VMware ESXi, VMware Workstation, and VMware Fusion allows a hacker to execute arbitrary code.
The vulnerability of storage controller devices in VMware ESXi, VMware Workstation, and VMware Fusion lies in the ability to read/write data beyond the allowed range. Exploiting this vulnerability can allow an attacker to execute arbitrary code...
The vulnerability of the vbluetooth components in VMware Fusion and Vmware Workstation allows a hacker to gain unauthorized access to protected information.
The vulnerability of the vbluetooth components in VMware Fusion and Vmware Workstation is related to lack of access control mechanisms. Exploiting this vulnerability can allow an intruder to gain unauthorized access to protected information...
Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack
The MITRE Corporation has revealed that the cyber attack targeting the not-for-profit company towards late December 2023 by exploiting zero-day flaws in Ivanti Connect Secure ICS involved the threat actor creating rogue virtual machines VMs within its VMware environment. "The adversary created...
The vulnerability of shader functions in VMware Fusion and Vmware Workstation allows attackers to trigger a service failure.
The vulnerability of shader functions in VMware Fusion and Vmware Workstation lies in improper cleaning or release of resources. Exploiting this vulnerability can allow an attacker to cause service failures...
The vulnerability of the Host Guest File Sharing (HGFS) function in VMware Fusion and Vmware Workstation allows attackers to disclose sensitive information.
The vulnerability of the Host Guest File Sharing HGFS function in VMware Fusion and Vmware Workstation lies in the lack of access control mechanisms. Exploiting this vulnerability can allow attackers to disclose sensitive information...
Ransomware Attacks Exploit VMware ESXi Vulnerabilities in Alarming Pattern
Ransomware attacks targeting VMware ESXi infrastructure follow an established pattern regardless of the file-encrypting malware deployed, new findings show. "Virtualization platforms are a core component of organizational IT infrastructure, yet they often suffer from inherent misconfigurations an...
VMware Workstation Multiple Vulnerabilities (VMSA_2024_0010) - Windows
VMware Workstation is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:workstation";...
VMware Workstation Multiple Vulnerabilities (VMSA_2024_0010) - Linux
VMware Workstation is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:workstation";...
VMware ESXi Out-of-bounds read/write Vulnerability (VMSA-2024-0011)
VMware ESXi is prone to an out-of-bounds read/write vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
VMware Fusion Multiple Vulnerabilities (VMSA_2024_0010) - Mac OS X
VMware Fusion is prone to multiple vulnerabilities. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:fusion"; ifdescription...
VMware Workstation SVGA Heap-based Buffer Overflow Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware Workstation. User interaction is required to exploit this vulnerability in that the target in a guest system must visit a malicious page or open a malicious file. The specific flaw exists with...
VMware Workstation Out-of-bounds read/write Vulnerability (VMSA-2024-0011) - Windows
VMware Workstation is prone to an out of bounds read/write vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
VMware Workstation Out-of-bounds read/write Vulnerability (VMSA-2024-0011) - Linux
VMware Workstation is prone to an out of bounds read/write vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
CVE-2024-22273
The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a...
CVE-2024-22273
The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a...