Lucene search
K

13053 matches found

CNNVD
CNNVD
added 2023/10/20 12:0 a.m.11 views

VMware Aria Operations for Logs Code Issue Vulnerability

VMware Aria Operations for Logs is a centralized log management solution from VMware. The product supports features such as log organization and log analysis. A security vulnerability exists in VMware Aria Operations for Logs, which stems from a deserialization vulnerability...

7.8CVSS6.9AI score0.00204EPSS
Exploits0References2
CNNVD
CNNVD
added 2023/10/20 12:0 a.m.7 views

VMware Fusion Security Vulnerability

VMware Fusion is a suite of virtual machine software from VMware, Inc. designed to run Windows applications on Macs. A security vulnerability exists in VMware Fusion versions 13.x prior to 13.5, which stems from a local elevation of privilege vulnerability...

7.8CVSS6.7AI score0.00163EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2023/10/19 12:0 a.m.5 views

The vulnerability of the user interface of the integration plugin between SnapCenter and the VMware SnapCenter Plugin for VMware vSphere (SCV) allows a hacker to alter the email settings.

The vulnerability of the user interface of the integration plugin between SnapCenter and the VMware SnapCenter Plugin for VMware vSphere SCV is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to alter email settings remotely...

5.5CVSS5.5AI score0.00301EPSS
Exploits0References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/10/19 12:0 a.m.6 views

PT-2023-6319 · Vmware · Vmware Aria Operations For Logs

Name of the Vulnerable Software and Affected Versions: VMware Aria Operations for Logs affected versions not specified Description: The issue is related to a deserialization vulnerability in VMware Aria Operations for Logs. A malicious actor with non-administrative access to the local system can...

7.8CVSS7.4AI score0.00204EPSS
Exploits0References5
Spring Security Advisories
Spring Security Advisories
added 2023/10/19 12:0 a.m.9 views

A Bootiful Podcast: VMware vice president Betty Junod

Hi, Spring fans! In this installment Josh Long talks to VMware vice president Betty Junod about VMware, its amazing ecosystem, and so much more...

6.9AI score
Exploits0
VMware
VMware
added 2023/10/18 12:0 a.m.44 views

VMSA-2023-0022:VMware Fusion and Workstation updates address privilege escalation and information disclosure vulnerabilities

Advisory ID: VMSA-2023-0022 CVSSv3 Range: 6.6-7.1 Issue Date:2023-10-19 Updated On: 2023-10-19 Initial Advisory CVEs: CVE-2023-34044, CVE-2023-34045, CVE-2023-34046 Synopsis: VMware Fusion and Workstation updates address privilege escalation and information disclosure vulnerabilities...

7.8CVSS7.2AI score0.00204EPSS
Exploits0References23Affected Software2
Tenable Nessus
Tenable Nessus
added 2023/10/17 12:0 a.m.21 views

VMWare Aria Operations for Networks Authentication Bypass (CVE-2023-34039) (Direct Check)

Binary data vmwareariaoperationsfornetworkscve-2023-34039.nbin...

9.8CVSS9.7AI score0.63947EPSS
Exploits9References2
VMware
VMware
added 2023/10/17 12:0 a.m.66 views

VMSA-2023-0021:VMware Aria Operations for Logs updates address multiple vulnerabilities.

Advisory ID: VMSA-2023-0021 CVSSv3 Range: 8.1 Issue Date:2023-10-19 Updated On: 2023-10-23 CVEs: CVE-2023-34051, CVE-2023-34052 Synopsis: VMware Aria Operations for Logs updates address multiple vulnerabilities. CVE-2023-34051, CVE-2023-34052 RSS Feed Download PDF Download Text File Share this pa...

9.8CVSS9.4AI score0.44667EPSS
Exploits1References22Affected Software2
NVD
NVD
added 2023/10/12 7:15 p.m.19 views

CVE-2023-27312

SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...

5.4CVSS5.3AI score0.00301EPSS
Exploits0References1
OSV
OSV
added 2023/10/12 7:15 p.m.5 views

CVE-2023-27312

SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...

4.3CVSS5.8AI score0.00301EPSS
Exploits0References1
Prion
Prion
added 2023/10/12 7:15 p.m.16 views

Code injection

SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...

4CVSS4.5AI score0.00301EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2023/10/12 6:19 p.m.20 views

CVE-2023-27312 Privilege Escalation Vulnerability in SnapCenter Plugin for VMware vSphere

SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...

5.4CVSS5.6AI score0.00301EPSS
Exploits0References1
CVE
CVE
added 2023/10/12 6:19 p.m.66 views

CVE-2023-27312

NetApp SnapCenter Plugin for VMware vSphere is vulnerable in versions 4.6 through 4.8 (and 4.6–4.9 context) due to insufficient access control, allowing authenticated unprivileged users to modify email and snapshot name settings in the vSphere UI. Affected component: SnapCenter Plugin for VMware ...

5.4CVSS4.7AI score0.00301EPSS
Exploits0References1Affected Software1
Vulnrichment
Vulnrichment
added 2023/10/12 6:19 p.m.12 views

CVE-2023-27312 Privilege Escalation Vulnerability in SnapCenter Plugin for VMware vSphere

SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...

5.4CVSS6.7AI score0.00301EPSS
Exploits0References1
CNNVD
CNNVD
added 2023/10/12 12:0 a.m.7 views

NetApp SnapCenter Security Vulnerability

NetApp SnapCenter is a suite of applications from Network Appliance NetApp that provides the ability to back up, verify, clone, and restore NetApp storage systems. A security vulnerability exists in SnapCenter versions 3.x and 4.x VMware vSphere versions prior to 4.9, which stems from a...

8.8CVSS6.9AI score0.00491EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/11 2:40 p.m.51 views

Security Bulletin: Vulnerabilities in Expat (AKA libexpat) affect IBM Storage Protect for Virtual Environments: Data Protection for VMware (CVE-2022-23852, CVE-2022-23990)

Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by vulnerabilities in the Expat library. The vulnerabilities can lead to execution of arbitrary code, as described by the CVEs in the "Vulnerability Details" section. The vulnerabilities have been...

9.8CVSS9.4AI score0.04525EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2023/10/09 12:0 a.m.28 views

Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2906)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.8CVSS7.4AI score0.01606EPSS
Exploits0References2
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/06 4:11 p.m.34 views

Security Bulletin: IBM Cloud Pak for Network Automation 2.6.2 fixes multiple security vulnerabilities

Summary IBM Cloud Pak for Network Automation 2.6.2 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-20859 DESCRIPTION: VMware Tanzu Spring Vault could allow a local authenticated attacker to obtain sensitive information, caused by the inserti...

9.8CVSS9.8AI score0.03465EPSS
Exploits3Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/05 8:36 p.m.54 views

Security Bulletin: IBM Spectrum Symphony with Spring Framework is vulnerable to a denial of service, caused by improper input validation

Summary IBM Spectrum Symphony with Spring Framework is vulnerable to a denial of service, caused by improper input validation Vulnerability Details CVEID:CVE-2023-20861 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service. By sending a specially crafted SpEL expression,...

6.5CVSS7.1AI score0.01122EPSS
Exploits1Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2023/10/04 12:58 p.m.51 views

Security Bulletin: Vulnerabilities in Apache HttpComponents affect IBM Storage Protect Client, IBM Storage Protect for Virtual Environments, and IBM Storage Protect for Space Management (CVE-2012-6153, CVE-2014-3577, CVE-2020-13956)

Summary IBM Storage Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments Data Protection for VMware only, and IBM Storage Protect for Space Management can be affected by a vulnerability in Apache HttpComponents. The vulnerability can lead to spoofing attacks, bypass of...

5.8CVSS5.7AI score0.09149EPSS
Exploits2Affected Software3
Rows per page
Query Builder