
13053 matches found

Tenable Nessus
added 2024/01/16 12:0 a.m. · 39 views

EulerOS 2.0 SP9 : qemu (EulerOS-SA-2023-2887)

According to the versions of the qemu package installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - A flaw was found in the QEMU implementation of VMWare's paravirtual RDMA device. This flaw allows a crafted guest driver to execute HW commands whe...

8.8 CVSS · 6.9 AI score · 0.01592 EPSS
Exploits 0 · References 6

Positive Technologies
added 2024/01/16 12:0 a.m. · 6 views

PT-2024-1101 · Vmware · Vmware Cloud Foundation +1

Name of the Vulnerable Software and Affected Versions: VMware Aria Automation formerly vRealize Automation versions prior to the fixed version VMware Cloud Foundation formerly Aria Automation versions prior to the fixed version Description: The issue is related to a Missing Access Control...

9.9 CVSS · 9 AI score · 0.00949 EPSS
Exploits 0 · References 33

CNNVD
added 2024/01/16 12:0 a.m. · 3 views

VMware Aria Automation and VMware Cloud Foundation Security Vulnerabilities

VMware Cloud Foundation and VMware Aria Automation are both products of VMware, Inc. VMware Cloud Foundation is an all-in-one hybrid cloud platform that includes operations automation, infrastructure auto-configuration, and integrate...

9.9 CVSS · 7 AI score · 0.00949 EPSS
Exploits 0 · References 2

VMware
added 2024/01/14 12:0 a.m. · 57 views

VMSA-2024-0001: VMware Aria Automation (formerly vRealize Automation) updates address a Missing Access Control vulnerability

Advisory ID: VMSA-2024-0001 CVSSv3 Range: 9.9 Issue Date: 2024-01-16 Updated On: 2024-01-16 (Initial Advisory) CVEs: CVE-2023-34063 Synopsis: VMware Aria Automation (formerly vRealize Automation) updates address a Missing Access Control vulnerability (CVE-2023-34063)

9.9 CVSS · 9 AI score · 0.00949 EPSS
Exploits 0 · References 24 · Affected Software 2

Cent OS
added 2024/01/12 7:15 p.m. · 979 views

open security update

CentOS Errata and Security Advisory CESA-2023:7279 An update for open-vm-tools is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

7.5 CVSS · 6.7 AI score · 0.00667 EPSS
Exploits 0 · References 7

Tenable Nessus
added 2024/01/12 12:0 a.m. · 53 views

Rocky Linux 8 : kernel-rt (RLSA-2024:0134)

The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2024:0134 advisory. - A side channel vulnerability on some of the AMD CPUs may allow an attacker to influence the return address prediction. This may result in speculative...

7.8 CVSS · 7.5 AI score · 0.0616 EPSS
Exploits 3 · References 11

RedHat Linux
added 2024/01/10 10:50 a.m. · 1 views

kernel: vmwgfx: reference count issue leads to use-after-free in surface handling

The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user...

7.8 CVSS · 6.7 AI score · 0.00282 EPSS
Exploits 0 · References 4

RedHat Linux
added 2024/01/10 10:50 a.m. · 4 views

kernel: vmwgfx: reference count issue leads to use-after-free in surface handling

The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unprivileged user...

7.8 CVSS · 6.7 AI score · 0.00282 EPSS
Exploits 0 · References 4

IBM Security Bulletins
added 2024/01/10 8:32 a.m. · 50 views

Security Bulletin: Vulnerabilities in VMware affect IBM Cloud Pak System [CVE-2023-34048, CVE-2023-34056]

Summary Vulnerabilities in VMware vCenter affect IBM Cloud Pak System. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-34048 DESCRIPTION: VMware vCenter Server and Cloud Foundation could allow a remote attacker to execute arbitrary cod...

9.8 CVSS · 8.8 AI score · 0.99428 EPSS
Exploits 1 · Affected Software 1

OSV
added 2024/01/09 6:4 p.m. · 4 views

USN-6572-1 linux-azure vulnerabilities

Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged attacker could use this to cause a denial of service system crash. CVE-2023-31085 Bien Pham discovered that the netfilter subsystem in the Linux...

7.8 CVSS · 6.8 AI score · 0.0047 EPSS
Exploits 0 · References 6

Tenable Nessus
added 2024/01/09 12:0 a.m. · 46 views

Ubuntu 23.10 : Linux kernel (Azure) vulnerabilities (USN-6572-1)

The remote Ubuntu 23.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-6572-1 advisory. Yu Hao discovered that the UBI driver in the Linux kernel did not properly check for MTD with zero erasesize during device attachment. A local privileged...

7.8 CVSS · 7.4 AI score · 0.0047 EPSS
Exploits 0 · References 6

OpenVAS
added 2024/01/09 12:0 a.m. · 37 views

Ubuntu: Security Advisory (USN-6567-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8 CVSS · 7 AI score · 0.01592 EPSS
Exploits 5 · References 2

OSV
added 2024/01/08 5:46 p.m. · 4 views

USN-6567-1 qemu vulnerabilities

Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2020-14394 It w...

8.8 CVSS · 7.2 AI score · 0.01592 EPSS
Exploits 5 · References 15

Ubuntu
added 2024/01/08 5:46 p.m. · 69 views

USN-6567-1: QEMU vulnerabilities

Gaoning Pan and Xingwei Li discovered that QEMU incorrectly handled the USB xHCI controller device. A privileged guest attacker could possibly use this issue to cause QEMU to crash, leading to a denial of service. This issue only affected Ubuntu 20.04 LTS and Ubuntu 22.04 LTS. CVE-2020-14394 It w...

8.8 CVSS · 7.1 AI score · 0.01592 EPSS
Exploits 5

NCSC
added 2024/01/08 12:0 a.m. · 11 views

Vulnerabilities fixed in IBM DB2

IBM has fixed vulnerabilities in several DB2 products such as DB2, DB2 for Cloud Pak and Web Query for i. A malicious party could exploit the vulnerabilities to grant himself locally elevated privileges assigned arbitrary code and thus execute arbitrary code with potentially privilege...

9.8 CVSS · 7.8 AI score · 0.51733 EPSS
Exploits 9

F5 Networks
added 2024/01/02 5:8 p.m. · 36 views

K000138114: open-vm-tools vulnerability CVE-2023-34058

Security Advisory Description VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges (https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html) in a target virtu...

7.5 CVSS · 6.3 AI score · 0.00667 EPSS
Exploits 0

Gitee
added 2023/12/22 10:2 p.m. · 4 views

Exploit for Expression Language Injection in Vmware Spring_Cloud_Gateway

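GUI version of the open-source tool SpringBoot-Scan; if you find it useful, please give it a Star, haha. Note: this tool has exploits for the relevant vulnerabilities built in, so detections by antivirus software are normal! Using the new version of the tool: python3 main.py Setting up the VulHub vulnerability test environment: git clone https://github.com/vulhub/vulhub.git Install the Docker environment: sudo apt-get install docker.io sudo apt install docker-compose Set up CVE-2022-22965: cd /vulhub/CVE-2022-22965 sudo...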

10 CVSS · 8.3 AI score · 0.99939 EPSS
Exploits 181

IBM Security Bulletins
added 2023/12/20 2:34 p.m. · 46 views

Security Bulletin: IBM Security Guardium is affected by multiple vulnerabilities (CVE-2023-39975, CVE-2023-34042)

Summary IBM Security Guardium has fixed these vulnerabilities Vulnerability Details CVEID:CVE-2023-39975 DESCRIPTION: MIT Kerberos 5 aka krb5 is vulnerable to a denial of service, caused by a double free in KDC TGS processing. By sending a specially crafted request, a remote authenticated attacke...

8.8 CVSS · 7.1 AI score · 0.01229 EPSS
Exploits 0 · Affected Software 1

Tenable Nessus
added 2023/12/18 12:0 a.m. · 34 views

VMware vRealize Network Insight (vRNI) Multiple Vulnerabilities (VMSA-2022-0031)

According to its self-reported version, the instance of VMware vRealize Network Insight running on the remote web server is affected by multiple vulnerabilities: - vRealize Network Insight vRNI contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network...

9.8 CVSS · 9.1 AI score · 0.01792 EPSS
Exploits 0 · References 4

Openbugbounty
added 2023/12/15 10:45 p.m. · 9 views

vmware-ebook.com Improper Access Control vulnerability OBB-3815416

Following the coordinated and responsible vulnerability disclosure guidelines of the ISO 29147 standard, Open Bug Bounty has: a. verified the vulnerability and confirmed its existence; b. notified the website operator about its existence. Technical details of the vulnerability are currently hidde...

7 AI score
Exploits 0