Lucene search
K

13053 matches found

CNNVD
CNNVD
added 2023/11/14 12:0 a.m.4 views

VMware Cloud Director Security Vulnerability

VMware Cloud Director is a cloud service delivery platform from VMware. The platform supports virtual datacenter creation, multi-site management, datacenter scaling and cloud migration, and cloud-native application development. A security vulnerability exists in VMware Cloud Director that could...

9.8CVSS6.9AI score0.01345EPSS
Exploits4References5
0day.today
0day.today
added 2023/11/14 12:0 a.m.458 views

F5 BIG-IP TMUI Directory Traversal / File Upload / Code Execution Exploit

This Metasploit module exploits a directory traversal in F5's BIG-IP Traffic Management User Interface TMUI to upload a shell script and execute it as the Unix root user. Unix shell access is obtained by escaping the restricted Traffic Management Shell TMSH. The escape may not be reliable, and yo...

9.8CVSS10AI score0.99999EPSS
Exploits60
VMware
VMware
added 2023/11/13 12:0 a.m.77 views

VMSA-2023-0026:VMware Cloud Director Appliance contains an authentication bypass vulnerability

Advisory ID: VMSA-2023-0026.1 CVSSv3 Range: 9.8 Issue Date:2023-11-14 Updated On: 2023-11-30 CVEs: CVE-2023-34060 Synopsis: VMware Cloud Director Appliance contains an authentication bypass vulnerability CVE-2023-34060. RSS Feed Download PDF Download Text File Share this page on social media: 1...

9.8CVSS8.9AI score0.01345EPSS
Exploits4References15
GithubExploit
GithubExploit
added 2023/11/12 10:15 p.m.332 views

Exploit for Code Injection in Vmware Spring_Framework

Spring4Shell Vulnerability - CVE-2022-22965 :closedbook:...

9.8CVSS9.6AI score0.99677EPSS
Exploits100
Fedora
Fedora
added 2023/11/08 1:40 a.m.26 views

[SECURITY] Fedora 38 Update: open-vm-tools-12.3.0-3.fc38

The open-vm-tools project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and...

7.5CVSS7.6AI score0.00667EPSS
Exploits0
Fedora
Fedora
added 2023/11/08 1:27 a.m.31 views

[SECURITY] Fedora 39 Update: open-vm-tools-12.3.0-3.fc39

The open-vm-tools project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and...

7.5CVSS7.6AI score0.00667EPSS
Exploits0
Fedora
Fedora
added 2023/11/08 1:21 a.m.25 views

[SECURITY] Fedora 37 Update: open-vm-tools-12.3.0-3.fc37

The open-vm-tools project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and...

7.5CVSS7.6AI score0.00667EPSS
Exploits0
OpenVAS
OpenVAS
added 2023/11/08 12:0 a.m.17 views

Fedora: Security Advisory for open-vm-tools (FEDORA-2023-08e2bb6815)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.00667EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2023/11/08 12:0 a.m.16 views

Fedora: Security Advisory for open-vm-tools (FEDORA-2023-1ed0ec0035)

The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.4AI score0.00667EPSS
Exploits0References2
Wallarm Lab
Wallarm Lab
added 2023/11/07 12:54 p.m.28 views

Navigating Threats – Insights from the Wallarm API ThreatStats™ Report Q3’2023

The world of digital technology is perpetually evolving, positioning cybersecurity as a frontline defense in safeguarding essential digital assets. A primary challenge in this sector, accentuated by the Wallarm API ThreatStats™ report Q3’2023, is ensuring robust API security. This in-depth report...

6.6AI score
Exploits0
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.2 views

kernel: VMCI: Use threaded irqs instead of tasklets

In the Linux kernel, the following vulnerability has been resolved: VMCI: Use threaded irqs instead of tasklets The vmcidispatchdgs tasklet function calls vmcireaddata which uses waitevent resulting in invalid sleep in an atomic context and therefore potentially in a deadlock. Use threaded irqs t...

5.5CVSS6.2AI score0.00121EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2023/11/07 9:3 a.m.4 views

kernel: drm/vmwgfx: Fix memory leak in vmw_mksstat_add_ioctl()

A memory leak vulnerability was found in the VMware graphics driver vmwgfx in the Linux kernel. In vmwmksstataddioctl, when copying the description string from userspace fails with -EFAULT, the allocated page for the instance descriptor is not freed. This leads to memory leakage that can cause...

7.2AI score0.002EPSS
Exploits0References5
Zero Day Initiative
Zero Day Initiative
added 2023/11/06 12:0 a.m.17 views

VMware Workstation UHCI Uninitialized Variable Information Disclosure Vulnerability

This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute high-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within...

6CVSS6.6AI score0.00204EPSS
Exploits0References1
Zero Day Initiative
Zero Day Initiative
added 2023/11/06 12:0 a.m.81 views

VMware vCenter Server Appliance DCE/RPC Protocol Out-Of-Bounds Write Remote Code Execution Vulnerability

This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware vCenter Server Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the implementation of DCE/RPC protocol. The issue results from the lack ...

9.8CVSS7.7AI score0.99428EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.16 views

Rocky Linux 9 : ignition (RLSA-2022:8126)

The remote Rocky Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:8126 advisory. - A vulnerability was found in Ignition where ignition configs are accessible from unprivileged containers in VMs running on VMware products. This issue is only...

6.5CVSS6.4AI score0.01158EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.26 views

Debian dla-3646 : open-vm-tools - security update

The remote Debian 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-3646 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-3646-1 [email protected]...

7.5CVSS6.5AI score0.00667EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2023/11/06 12:0 a.m.19 views

Rocky Linux 8 : open-vm-tools (RLSA-2022:6357)

The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2022:6357 advisory. - VMware Tools 12.0.0, 11.x.y and 10.x.y contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest...

7.8CVSS7.1AI score0.0054EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2023/11/04 12:0 a.m.25 views

Amazon Linux 2023 : open-vm-tools, open-vm-tools-desktop, open-vm-tools-devel (ALAS2023-2023-423)

It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-423 advisory. VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-...

7.5CVSS6.4AI score0.00667EPSS
Exploits0References6
Citrix
Citrix
added 2023/11/03 12:0 a.m.5 views

Understand Power Actions

When the user clicks on the Shutdown/Restart option within the VDI, you see error in VMware Console. Parameter: ShutdownDesktopsAfterUser $True Autoscale set to keep the machine on all the time i.e Autoscale set at 100%...

7AI score
Exploits0
Amazon
Amazon
added 2023/11/03 12:0 a.m.6 views

Important: open-vm-tools

Issue Overview: VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be ab...

7.5CVSS6.7AI score0.00667EPSS
Exploits0
Rows per page
Query Builder