13053 matches found
VMware Spring Framework < 5.3.33, 6.0.x < 6.0.18, 6.1.x < 6.1.5 SSRF Vulnerability - Windows
The VMware Spring Framework is prone to a server-side request forgery SSRF vulnerability. SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
VMware Cloud Director 10.4.x, 10.5.x < 10.5.1.1 Partial Information Disclosure (VMSA-2024-0007)
The version of VMware vCloud Director installed on the remote host is 10.4.x or 10.5.x prior to 10.5.1.1. It is, therefore, affected by a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the...
Microsoft Patch Tuesday March 2024 includes critical Hyper-V flaws
The March 2024 Patch Tuesday update includes patches for 61 Microsoft vulnerabilities. Only two of the vulnerabilities are rated critical and both of these are found in Windows Hyper-V. Hyper-V is a hardware virtualization product that allows you to run multiple operating systems as virtual...
VMware Cloud Director 10.5 Authentication Bypass
Exploit Title: VMware Cloud Director | Bypass identity verification Google Dork: non Date: 12/06/2023 Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check i...
VMware Cloud Director 10.5 - Bypass identity verification Exploit
Exploit Title: VMware Cloud Director | Bypass identity verification Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check if a port is open def isportopenip,...
VMware Cloud Director 10.5 - Bypass identity verification
Exploit Title: VMware Cloud Director | Bypass identity verification Google Dork: non Date: 12/06/2023 Exploit Author: Abdualhadi khalifa Version: 10.5 CVE : CVE-2023-34060 import requests import paramiko import subprocess import socket import argparse import threading Define a function to check i...
USN-6688-1 linux-oem-6.1 vulnerabilities
Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...
USN-6688-1: Linux kernel (OEM) vulnerabilities
Pratyush Yadav discovered that the Xen network backend implementation in the Linux kernel did not properly handle zero length data request, leading to a null pointer dereference vulnerability. An attacker in a guest VM could possibly use this to cause a denial of service host domain crash...
Critical VMware Vulnerabilities Leading To Sandbox Escape
Summary: Critical vulnerabilities tracked as CVE-2024-22252, CVE-2024-22253, CVE-2024-22254, and CVE-2024-22255 have been addressed by Vmware. These vulnerabilities allow attackers to bypass virtual machines and execute commands on the host machine. Workstation, Fusion, Cloud Foundation, and VMwa...
Patch now! VMWare escape flaws are so serious even end-of-life software gets a fix
VMWare has issued secuity fixes for its VMware ESXi, Workstation, Fusion, and Cloud Foundation products. It has even taken the unusual step of issuing updates for versions of the affected software that have reached thier end-of-life, meaning they would normally no longer be supported. This flaws...
Memory leak vulnerability in multiple VMware products (CNVD-2024-45224)
VMware ESXi is a server virtualization platform that can be installed directly on physical servers.Workstation is a suite of virtual machine software.Fusion is a suite of virtual machine software designed to run Windows applications on Macs. An information disclosure vulnerability exists in a...
PT-2024-19291 · Vmware · Vmware Workstation
Name of the Vulnerable Software and Affected Versions: VMware Workstation versions prior to 17.5.1 Description: A critical issue has been found in the USB controller of VMware Workstation, allowing for VM-escape vulnerabilities. The estimated number of potentially affected devices worldwide is no...
CVE-2024-22256
VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...
Information disclosure
VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...
CVE-2024-22256
VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...
CVE-2024-22256
VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...
CVE-2024-22256
CVE-2024-22256 affects VMware Cloud Director. The vulnerability is a partial information disclosure that could allow a malicious actor to gather information about organization names based on the instance’s behavior. According to VMware’s advisory and related sources, the issue has a CVSSv3 base s...
VMware Cloud Director Information Disclosure Vulnerability
VMware Cloud Director is a cloud service delivery platform from VMware. The platform supports virtual datacenter creation, multi-site management, datacenter scaling and cloud migration, and cloud-native application development. An information disclosure vulnerability exists in VMware Cloud...
VMware ESXi 7.0 / 8.0 Multiple Vulnerabilities (VMSA-2024-0006)
The version of VMware ESXi installed on the remote host is prior to 7.0 Update 3p, 8.0 prior to 8.0 Update 1d, or 8.0 prior to 8.0 Update 2b. It is, therefore, affected by multiple vulnerabilities as referenced in the VMSA-2024-0006 advisory: - VMware ESXi, Workstation, and Fusion contain a...
PT-2024-2188 · Vmware · Vmware Cloud Director
Name of the Vulnerable Software and Affected Versions: VMware Cloud Director affected versions not specified Description: The issue is related to a partial information disclosure, where a malicious actor can potentially gather information about organization names based on the behavior of the...