Lucene search
K

13053 matches found

OpenVAS
OpenVAS
added 2024/03/15 12:0 a.m.44 views

VMware Spring Framework < 5.3.33, 6.0.x < 6.0.18, 6.1.x < 6.1.5 SSRF Vulnerability - Windows

The VMware Spring Framework is prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.1CVSS6.6AI score0.02573EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2024/03/14 12:0 a.m.30 views

VMware Cloud Director 10.4.x, 10.5.x < 10.5.1.1 Partial Information Disclosure (VMSA-2024-0007)

The version of VMware vCloud Director installed on the remote host is 10.4.x or 10.5.x prior to 10.5.1.1. It is, therefore, affected by a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the...

4.3CVSS5.3AI score0.00418EPSS
Exploits0References2
Malwarebytes
Malwarebytes
added 2024/03/13 3:13 p.m.46 views

Microsoft Patch Tuesday March 2024 includes critical Hyper-V flaws

The March 2024 Patch Tuesday update includes patches for 61 Microsoft vulnerabilities. Only two of the vulnerabilities are rated critical and both of these are found in Windows Hyper-V. Hyper-V is a hardware virtualization product that allows you to run multiple operating systems as virtual...

7.5CVSS8.3AI score0.20157EPSS
Exploits0
Packet Storm
Packet Storm
added 2024/03/13 12:0 a.m.398 views

VMware Cloud Director 10.5 Authentication Bypass

Exploit Title: VMware Cloud Director | Bypass identity verification Google Dork: non Date: 12/06/2023 Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check i...

9.8CVSS7.4AI score0.01345EPSS
Exploits4
0day.today
0day.today
added 2024/03/12 12:0 a.m.309 views

VMware Cloud Director 10.5 - Bypass identity verification Exploit

Exploit Title: VMware Cloud Director | Bypass identity verification Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check if a port is open def isportopenip,...

9.8CVSS8AI score0.01345EPSS
Exploits4
Exploit DB
Exploit DB
added 2024/03/12 12:0 a.m.467 views

VMware Cloud Director 10.5 - Bypass identity verification

Exploit Title: VMware Cloud Director | Bypass identity verification Google Dork: non Date: 12/06/2023 Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check i...

9.8CVSS10AI score0.01345EPSS
Exploits4
OSV
OSV
added 2024/03/11 8:17 p.m.12 views

USN-6688-1 linux-oem-6.1 vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

7.8CVSS6.9AI score0.78388EPSS
Exploits19References64
Ubuntu
Ubuntu
added 2024/03/11 8:17 p.m.85 views

USN-6688-1: Linux kernel (OEM) vulnerabilities

Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...

7.8CVSS7.5AI score0.78388EPSS
Exploits19
hivepro
hivepro
added 2024/03/11 9:51 a.m.40 views

Critical VMware Vulnerabilities Leading To Sandbox Escape

Summary: Critical vulnerabilities tracked as CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, and CVE-2024-22255 have been addressed by Vmware. These vulnerabilities allow attackers to bypass virtual machines and execute commands on the host machine. Workstation, Fusion, Cloud Foundation, and VMwa...

4.6CVSS7.6AI score0.03542EPSS
Exploits0
Malwarebytes
Malwarebytes
added 2024/03/08 2:16 p.m.39 views

Patch now! VMWare escape flaws are so serious even end-of-life software gets a fix

VMWare has issued secuity fixes for its VMware ESXi, Workstation, Fusion, and Cloud Foundation products. It has even taken the unusual step of issuing updates for versions of the affected software that have reached thier end-of-life, meaning they would normally no longer be supported. This flaws...

4.6CVSS8.1AI score0.03542EPSS
Exploits0
CNVD
CNVD
added 2024/03/08 12:0 a.m.9 views

Memory leak vulnerability in multiple VMware products (CNVD-2024-45224)

VMware ESXi is a server virtualization platform that can be installed directly on physical servers.Workstation is a suite of virtual machine software.Fusion is a suite of virtual machine software designed to run Windows applications on Macs. An information disclosure vulnerability exists in a...

7.1CVSS6AI score0.02311EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2024/03/08 12:0 a.m.3 views

PT-2024-19291 · Vmware · Vmware Workstation

Name of the Vulnerable Software and Affected Versions: VMware Workstation versions prior to 17.5.1 Description: A critical issue has been found in the USB controller of VMware Workstation, allowing for VM-escape vulnerabilities. The estimated number of potentially affected devices worldwide is no...

7.1AI score
Exploits0References2
NVD
NVD
added 2024/03/07 10:15 a.m.26 views

CVE-2024-22256

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...

4.3CVSS4.3AI score0.00418EPSS
Exploits0References1
Prion
Prion
added 2024/03/07 10:15 a.m.25 views

Information disclosure

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...

4CVSS6.5AI score0.00418EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2024/03/07 10:8 a.m.33 views

CVE-2024-22256

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...

4.3CVSS4.6AI score0.00418EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2024/03/07 10:8 a.m.11 views

CVE-2024-22256

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...

4.3CVSS6.6AI score0.00418EPSS
Exploits0References1
CVE
CVE
added 2024/03/07 10:8 a.m.161 views

CVE-2024-22256

CVE-2024-22256 affects VMware Cloud Director. The vulnerability is a partial information disclosure that could allow a malicious actor to gather information about organization names based on the instance’s behavior. According to VMware’s advisory and related sources, the issue has a CVSSv3 base s...

4.3CVSS4.2AI score0.00418EPSS
Exploits0References1Affected Software1
CNNVD
CNNVD
added 2024/03/07 12:0 a.m.4 views

VMware Cloud Director Information Disclosure Vulnerability

VMware Cloud Director is a cloud service delivery platform from VMware. The platform supports virtual datacenter creation, multi-site management, datacenter scaling and cloud migration, and cloud-native application development. An information disclosure vulnerability exists in VMware Cloud...

4.3CVSS6.2AI score0.00418EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2024/03/07 12:0 a.m.476 views

VMware ESXi 7.0 / 8.0 Multiple Vulnerabilities (VMSA-2024-0006)

The version of VMware ESXi installed on the remote host is prior to 7.0 Update 3p, 8.0 prior to 8.0 Update 1d, or 8.0 prior to 8.0 Update 2b. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2024-0006 advisory: - VMware ESXi, Workstation, and Fusion contain a...

9.3CVSS8.3AI score0.03542EPSS
Exploits0References5
Positive Technologies
Positive Technologies
added 2024/03/07 12:0 a.m.7 views

PT-2024-2188 · Vmware · Vmware Cloud Director

Name of the Vulnerable Software and Affected Versions: VMware Cloud Director affected versions not specified Description: The issue is related to a partial information disclosure, where a malicious actor can potentially gather information about organization names based on the behavior of the...

7.8CVSS6.9AI score0.00418EPSS
Exploits0References5
Rows per page
Query Builder