13053 matches found
VMware Aria Operations for Logs Code Issue Vulnerability
VMware Aria Operations for Logs is a centralized log management solution from VMware. The product supports features such as log organization and log analysis. A security vulnerability exists in VMware Aria Operations for Logs, which stems from a deserialization vulnerability...
VMware Fusion Security Vulnerability
VMware Fusion is a suite of virtual machine software from VMware, Inc. designed to run Windows applications on Macs. A security vulnerability exists in VMware Fusion versions 13.x prior to 13.5, which stems from a local elevation of privilege vulnerability...
The vulnerability of the user interface of the integration plugin between SnapCenter and the VMware SnapCenter Plugin for VMware vSphere (SCV) allows a hacker to alter the email settings.
The vulnerability of the user interface of the integration plugin between SnapCenter and the VMware SnapCenter Plugin for VMware vSphere SCV is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to alter email settings remotely...
PT-2023-6319 · Vmware · Vmware Aria Operations For Logs
Name of the Vulnerable Software and Affected Versions: VMware Aria Operations for Logs affected versions not specified Description: The issue is related to a deserialization vulnerability in VMware Aria Operations for Logs. A malicious actor with non-administrative access to the local system can...
A Bootiful Podcast: VMware vice president Betty Junod
Hi, Spring fans! In this installment Josh Long talks to VMware vice president Betty Junod about VMware, its amazing ecosystem, and so much more...
VMSA-2023-0022:VMware Fusion and Workstation updates address privilege escalation and information disclosure vulnerabilities
Advisory ID: VMSA-2023-0022 CVSSv3 Range: 6.6-7.1 Issue Date:2023-10-19 Updated On: 2023-10-19 Initial Advisory CVEs: CVE-2023-34044, CVE-2023-34045, CVE-2023-34046 Synopsis: VMware Fusion and Workstation updates address privilege escalation and information disclosure vulnerabilities...
VMWare Aria Operations for Networks Authentication Bypass (CVE-2023-34039) (Direct Check)
Binary data vmwareariaoperationsfornetworkscve-2023-34039.nbin...
VMSA-2023-0021:VMware Aria Operations for Logs updates address multiple vulnerabilities.
Advisory ID: VMSA-2023-0021 CVSSv3 Range: 8.1 Issue Date:2023-10-19 Updated On: 2023-10-23 CVEs: CVE-2023-34051, CVE-2023-34052 Synopsis: VMware Aria Operations for Logs updates address multiple vulnerabilities. CVE-2023-34051, CVE-2023-34052 RSS Feed Download PDF Download Text File Share this pa...
CVE-2023-27312
SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...
CVE-2023-27312
SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...
Code injection
SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...
CVE-2023-27312 Privilege Escalation Vulnerability in SnapCenter Plugin for VMware vSphere
SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...
CVE-2023-27312
NetApp SnapCenter Plugin for VMware vSphere is vulnerable in versions 4.6 through 4.8 (and 4.6–4.9 context) due to insufficient access control, allowing authenticated unprivileged users to modify email and snapshot name settings in the vSphere UI. Affected component: SnapCenter Plugin for VMware ...
CVE-2023-27312 Privilege Escalation Vulnerability in SnapCenter Plugin for VMware vSphere
SnapCenter Plugin for VMware vSphere versions 4.6 prior to 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface...
NetApp SnapCenter Security Vulnerability
NetApp SnapCenter is a suite of applications from Network Appliance NetApp that provides the ability to back up, verify, clone, and restore NetApp storage systems. A security vulnerability exists in SnapCenter versions 3.x and 4.x VMware vSphere versions prior to 4.9, which stems from a...
Security Bulletin: Vulnerabilities in Expat (AKA libexpat) affect IBM Storage Protect for Virtual Environments: Data Protection for VMware (CVE-2022-23852, CVE-2022-23990)
Summary IBM Storage Protect for Virtual Environments: Data Protection for VMware can be affected by vulnerabilities in the Expat library. The vulnerabilities can lead to execution of arbitrary code, as described by the CVEs in the "Vulnerability Details" section. The vulnerabilities have been...
Huawei EulerOS: Security Advisory for qemu (EulerOS-SA-2023-2906)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Cloud Pak for Network Automation 2.6.2 fixes multiple security vulnerabilities
Summary IBM Cloud Pak for Network Automation 2.6.2 fixes multiple security vulnerabilities, listed in the CVEs below. Vulnerability Details CVEID:CVE-2023-20859 DESCRIPTION: VMware Tanzu Spring Vault could allow a local authenticated attacker to obtain sensitive information, caused by the inserti...
Security Bulletin: IBM Spectrum Symphony with Spring Framework is vulnerable to a denial of service, caused by improper input validation
Summary IBM Spectrum Symphony with Spring Framework is vulnerable to a denial of service, caused by improper input validation Vulnerability Details CVEID:CVE-2023-20861 DESCRIPTION: VMware Tanzu Spring Framework is vulnerable to a denial of service. By sending a specially crafted SpEL expression,...
Security Bulletin: Vulnerabilities in Apache HttpComponents affect IBM Storage Protect Client, IBM Storage Protect for Virtual Environments, and IBM Storage Protect for Space Management (CVE-2012-6153, CVE-2014-3577, CVE-2020-13956)
Summary IBM Storage Protect Backup-Archive Client, IBM Storage Protect for Virtual Environments Data Protection for VMware only, and IBM Storage Protect for Space Management can be affected by a vulnerability in Apache HttpComponents. The vulnerability can lead to spoofing attacks, bypass of...