Lucene search
K

13053 matches found

Tenable Nessus
Tenable Nessus
added 2023/12/15 12:0 a.m.55 views

SUSE SLED15: cluster-md-kmp-64kb / cluster-md-kmp-default / dlm-kmp-64kb / etc (SUSE-SU-2023:4730-1)

The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:4730-1 advisory. The SUSE Linux Enterprise 15 SP5 kernel was updated to receive various security and bugfixes. Th...

9.8CVSS6.9AI score0.00986EPSS
Exploits0References78
OpenVAS
OpenVAS
added 2023/12/13 12:0 a.m.41 views

VMware Spring Framework RCE Vulnerability (Spring4Shell, SpringShell) - Active Check

The VMware Spring Framework is prone to a remote code execution RCE vulnerability dubbed SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...

9.8CVSS10AI score0.99677EPSS
Exploits100References16
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/12 5:56 p.m.46 views

Security Bulletin: IBM Automation Decision Services November 2023 - Multiple CVEs addressed

Summary IBM Automation Decision Services is vulnerable to denial of service attacks in third party and open source used in the product for various functions. See full list below. This vulnerability has been addressed. Vulnerability Details CVEID:CVE-2023-46233 DESCRIPTION: Brix crypto-js could...

9.8CVSS8.9AI score0.03465EPSS
Exploits6Affected Software1
CNNVD
CNNVD
added 2023/12/12 12:0 a.m.5 views

VMware Workspace ONE Launcher Security Vulnerability

VMware Workspace ONE Launcher is an application from VMware, Inc. enables organizations across industries to easily lock down or share multi-user Android devices in single or multi-application mode. A security vulnerability exists in VMware Workspace ONE Launcher prior to version 23.11, which ste...

4.6CVSS6.7AI score0.00405EPSS
Exploits0References3
VMware
VMware
added 2023/12/12 12:0 a.m.55 views

VMware Workspace ONE Launcher updates addresses privilege escalation vulnerability. (CVE-2023-34064)

3. Privilege Escalation Vulnerability Workspace ONE Launcher contains a Privilege Escalation Vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.3...

2.1CVSS4.7AI score0.00405EPSS
Exploits0References3Affected Software1
The Hacker News
The Hacker News
added 2023/12/11 1:0 p.m.92 views

Lazarus Group Using Log4j Exploits to Deploy Remote Access Trojans

The notorious North Korea-linked threat actor known as the Lazarus Group has been attributed to a new global campaign that involves the opportunistic exploitation of security flaws in Log4j to deploy previously undocumented remote access trojans RATs on compromised hosts. Cisco Talos is tracking...

10CVSS10AI score0.99999EPSS
Exploits366
0day.today
0day.today
added 2023/12/08 12:0 a.m.521 views

VMware Cloud Director - Bypass identity verification Exploit

CVE-2023-34060 vulnerability is a vulnerability that allows an attacker to bypass identity verification when entering port 22 ssh or port 5480 Device Management Console in VMware Cloud Director Appliance123. This vulnerability does not exist on port 443 VCD provider and tenant sign-in...

9.8CVSS7.2AI score0.01345EPSS
Exploits4
BDU FSTEC
BDU FSTEC
added 2023/12/08 12:0 a.m.3 views

The vulnerability of the monitoring tool for the virtual infrastructure vRealize Operations (vROps) arises from insufficient validation of the authenticity of the queries executed. This allows a perpetrator to carry out a CSRF attack.

The vulnerability of the monitoring tool for the virtual infrastructure vRealize Operations vROps is related to insufficient verification of the authenticity of the queries being executed. Exploiting this vulnerability could allow a malicious actor to perform a CSRF attack remotely...

10CVSS7.5AI score0.00404EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/12/08 12:0 a.m.4 views

The vulnerability of VMware Fusion and VMware Workstation, related to insufficient validation of input data, allows a malicious individual to gain unauthorized access to protected information.

The vulnerability of VMware Fusion and VMware Workstation lies in the execution of operations beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...

7.1CVSS7.3AI score0.00375EPSS
Exploits0References3Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/12/07 12:0 a.m.12 views

VMware vCenter API Settings

Binary data vmwarevspherevcentersettings.nbin...

7.3AI score
Exploits0
Cloud Foundry
Cloud Foundry
added 2023/12/07 12:0 a.m.24 views

CVE-2023-34061 - Gorouter route pruning | Cloud Foundry

Severity HIGH Vendor CloudFoundry Foundation Versions Affected Routing Release 0.163.0 CF Deployment 0.28.0 Description Cloud Foundry routing release versions from v0.163.0 to v0.283.0 are vulnerable to a DOS attack. An unauthenticated attacker can use this vulnerability to force route pruning an...

7.5CVSS7.5AI score0.00538EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2023/12/06 12:0 a.m.74 views

VMware Tools for Linux 10.3.x < 10.3.26 Authentication Bypass (VMSA-2023-0019)

The version of VMware Tools installed on the remote Linux host is 10.3.x prior to 10.3.26. It is, therefore, affected by a SAML token signature bypass vulnerability. A malicious attacker with man-in-the-middle network positioning in the virtual machine network can bypass SAML token signature...

7.5CVSS7AI score0.01193EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2023/12/06 12:0 a.m.28 views

VMware Workspace ONE UEM console Open Redirect (VMSA-2023-0025)

The version of Workspace ONE UEM console running on the remote host is 2203 prior to 22.3.0.48, 2206 prior to 22.6.0.36, 2209 prior to 22.9.0.29, 2212 prior to 22.12.0.20 or 2302 prior to 23.2.0.10. It is, therefore, affected by an open redirect vulnerability. A remote attacker can redirect a...

8.8CVSS6.3AI score0.00398EPSS
Exploits0References2
VulnCheck KEV
VulnCheck KEV
added 2023/12/03 12:0 a.m.2 views

VulnCheck KEV: CVE-2021-21978

VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could...

9.8CVSS7.9AI score0.98947EPSS
Exploits9References1
GithubExploit
GithubExploit
added 2023/12/02 10:51 a.m.255 views

Exploit for Improper Preservation of Permissions in Vmware Spring_Security

cve-2023-34034 Demonstration of CVE-2023-34034 aut...

9.8CVSS8.7AI score0.03465EPSS
Exploits1
IBM Security Bulletins
IBM Security Bulletins
added 2023/12/01 7:19 p.m.37 views

Security Bulletin: VMware Tanzu Spring Security is vulnerable to CVE-2023-34042 used in IBM Maximo Application Suite - Monitor Component

Summary IBM Maximo Application Suite - Monitor Component uses VMware Tanzu Spring Security, which is vulnerable to CVE-2023-34042. This bulletin identifies the steps to take to address the vulnerability. Vulnerability Details CVEID:CVE-2023-34042 DESCRIPTION: VMware Tanzu Spring Security could...

5.5CVSS4.9AI score0.00216EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2023/11/30 12:0 a.m.24 views

VMware Spring Boot 2.7.0 - 2.7.17, 3.0.0 - 3.0.12, 3.1.0 - 3.1.5 DoS Vulnerability

VMware Spring Boot is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7AI score0.01219EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/11/30 12:0 a.m.23 views

VMware Spring Framework 6.0.0 - 6.0.13 DoS Vulnerability

The VMware Spring Framework is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

7.5CVSS7.8AI score0.0115EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/11/29 1:25 a.m.26 views

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in VMware Tanzu Spring Security

Summary Multiple vulnerabilities in VMware Tanzu Spring Security used by IBM InfoSphere Information Server were addressed. This bulletin identifies the steps to take to address the vulnerabilities. Vulnerability Details CVEID:CVE-2023-34034 DESCRIPTION: VMware Tanzu Spring Security could allow a...

9.8CVSS7.4AI score0.03465EPSS
Exploits2Affected Software1
Tenable Nessus
Tenable Nessus
added 2023/11/28 12:0 a.m.11 views

VMWare Tools or Open VM Tools Installed (Linux)

Binary data vmwaretoolsnixinstalled.nbin...

7.3AI score
Exploits0References2
Rows per page
Query Builder