MiracleLinux 7 : open-vm-tools-11.0.5-3.el7.7 (AXSA:2023-6398:07)

The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6398:07 advisory. open-vm-tools: SAML token signature bypass CVE-2023-20900 Tenable has extracted the preceding description block directly from the MiracleLinux security...

MiracleLinux 9 : open-vm-tools-12.1.5-1.el9.3.ML.1 (AXSA:2023-6439:10)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6439:10 advisory. open-vm-tools: SAML token signature bypass CVE-2023-20900 Tenable has extracted the preceding description block directly from the MiracleLinux security...

TencentOS Server 4: open-vm-tools (TSSA-2024:0041)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0041 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

TencentOS Server 2: open-vm-tools (TSSA-2023:0218)

The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0218 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...

TencentOS Server 3: open-vm-tools (TSSA-2023:0226)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0226 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

Alibaba Cloud Linux 3 : 0116: open-vm-tools (ALINUX3-SA-2023:0116)

The remote Alibaba Cloud Linux 3 host has packages installed that are affected by a vulnerability as referenced in the ALINUX3-SA-2023:0116 advisory. Package updates are available for Alibaba Cloud Linux 3 that fix the following vulnerabilities: CVE-2023-20900: A malicious actor that has been...

SUSE CVE-2023-20900

A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...

CVE-2025-20900

creationtimestamp| type| source ---|---|--- 2025-02-04 08:16:51+00:00| seen| https://bsky.app/profile/cve-notifications.bsky.social/post/3lhdmks2bpz2f 2025-02-04 10:32:33+00:00| seen| https://t.me/cvedetector/17163 2025-02-04 12:19:06+00:00| seen|...

CVE-2025-20900

Out-of-bounds write in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to write out-of-bounds memory...

CVE-2025-20900

Samsung Blockchain Keystore suffers an out-of-bounds write in versions prior to 1.3.16.5. The vulnerability enables a local privileged attacker to write out-of-bounds memory, potentially impacting confidentiality and integrity. Affected component: Blockchain Keystore. Root cause: out-of-bounds wr...

CVE-2025-20900

Out-of-bounds write in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to write out-of-bounds memory...

CVE-2025-20900

Out-of-bounds write in Blockchain Keystore prior to version 1.3.16.5 allows local privileged attackers to write out-of-bounds memory...

RHEL 7 : open-vm-tools (RHSA-2024:5315)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2024:5315 advisory. The Open Virtual Machine Tools are the open source implementation of the VMware Tools. They are a set of guest operating system virtualization...

openSUSE Security Advisory (SUSE-SU-2024:1468-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2024:1468-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for open (SUSE-SU-2023:3507-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

openSUSE: Security Advisory for exempi (SUSE-SU-2023:3835-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

CentOS 9 : open-vm-tools-12.2.5-2.el9

The remote CentOS Linux 9 host has packages installed that are affected by a vulnerability as referenced in the open-vm- tools-12.2.5-2.el9 build changelog. - SAML token signature bypass rhel-9 CVE-2023-20900 Note that Nessus has not tested for this issue but has instead relied only on the...

Fedora 39 : open-vm-tools (2023-20b6ac4b6c)

The remote Fedora 39 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2023-20b6ac4b6c advisory. Package new upstream version of open-vm-tools-12.3.0-22234872. Security fix for CVE-2023-20900, CVE-2023-20867 Tenable has extracted the preceding...

Advisory ROSA-SA-2023-2242

Software: open-vm-tools 11.0.5 OS: rosa-server79 packageevrstring: open-vm-tools-11.0.5-2.rv3.src.rpm CVE-ID: CVE-2023-20900 BDU-ID: 2023-05064 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the VMware Tools suite of utilities is related to the ability to bypass the SAML token signature...