18 matches found
EUVD-2020-25240
Malware in sbrugna...
CVE-2021-21999
VMware Tools for Windows 11.x.y prior to 11.2.6, VMware Remote Console for Windows 12.x prior to 12.0.1 , VMware App Volumes 2.x prior to 2.18.10 and 4 prior to 2103 contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by...
CVE-2020-3975
VMware App Volumes 2.x prior to 2.18.6 and VMware App Volumes 4 prior to 2006 contain a Stored Cross-Site Scripting XSS vulnerability. A malicious actor with access to create and edit applications or create storage groups, may be able to inject malicious script which will be executed by a victim'...
Critical VMware Carbon Black Bug Allows Auth Bypass
VMware has fixed an uber-severe bug in its Carbon Black App Control AppC management server: A server whose job is to lock down critical systems and servers so they don’t get changed willy-nilly. AppC also ensures that organizations stay in continuous compliance with regulatory mandates. This is a...
CVE-2021-21999
VMware Tools for Windows 11.x.y prior to 11.2.6, VMware Remote Console for Windows 12.x prior to 12.0.1 , VMware App Volumes 2.x prior to 2.18.10 and 4 prior to 2103 contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by...
CVE-2021-21999
VMware Tools for Windows 11.x.y prior to 11.2.6, VMware Remote Console for Windows 12.x prior to 12.0.1 , VMware App Volumes 2.x prior to 2.18.10 and 4 prior to 2103 contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by...
CVE-2021-21999
VMware Tools for Windows 11.x.y prior to 11.2.6, VMware Remote Console for Windows 12.x prior to 12.0.1 , VMware App Volumes 2.x prior to 2.18.10 and 4 prior to 2103 contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by...
VMware Releases Security Updates
VMware has released security updates to address vulnerabilities in the VMware Carbon Black App Control management server as well as VMware Tools for Windows, VMware Remote Console for Windows, and VMware App Volumes. An attacker could exploit these vulnerabilities to take control of an affected...
多款VMware产品代码问题漏洞
VMware Tools for Windows is a set of Windows-based enhancements for VMWare virtual machines, VMware Remote Console is a remote console application, VMware Tools is a set of enhancements for VMWare virtual machines, Microsoft Windows is a product of Microsoft Corporation. VMware Tools for Windows ...
VMware App Volumes Manager Installed (Windows)
Binary data vmwareappvolmgrinstalled.nbin...
VMware App Volumes 2.x < 2.18.6 / 4.x < 4.1.0.57 (2006) XSS
The version of VMWare App Volumes installed on the remote host is 2.x prior to 2.18.6, or 4.x prior to 4.1.0.57 2006. It is, therefore, affected by a cross-site scripting vulnerability. A malicious actor with access to create and edit applications or create storage groups, may be able to inject...
VMware App Volumes Agent Installed (Windows)
Binary data vmwareappvolagentinstalled.nbin...
CVE-2020-3975
VMware App Volumes 2.x prior to 2.18.6 and VMware App Volumes 4 prior to 2006 contain a Stored Cross-Site Scripting XSS vulnerability. A malicious actor with access to create and edit applications or create storage groups, may be able to inject malicious script which will be executed by a victim'...
CVE-2020-3975
VMware App Volumes 2.x prior to 2.18.6 and VMware App Volumes 4 prior to 2006 contain a Stored Cross-Site Scripting XSS vulnerability. A malicious actor with access to create and edit applications or create storage groups, may be able to inject malicious script which will be executed by a victim'...
Cross site scripting
VMware App Volumes 2.x prior to 2.18.6 and VMware App Volumes 4 prior to 2006 contain a Stored Cross-Site Scripting XSS vulnerability. A malicious actor with access to create and edit applications or create storage groups, may be able to inject malicious script which will be executed by a victim'...
CVE-2020-3975
CVE-2020-3975 describes a Stored XSS issue in VMware App Volumes for 2.x (pre-2.18.6) and 4.x (pre-2006). The root cause is inadequate input validation when creating/editing applications or storage groups, enabling a malicious actor with those permissions to inject script executed in a victim’s b...
CVE-2020-3975
VMware App Volumes 2.x prior to 2.18.6 and VMware App Volumes 4 prior to 2006 contain a Stored Cross-Site Scripting XSS vulnerability. A malicious actor with access to create and edit applications or create storage groups, may be able to inject malicious script which will be executed by a victim'...
VMware App Volumes patches address Stored Cross-Site Scripting (XSS) vulnerability (CVE-2020-3975)
3a. Advisory Details VMware App Volumes does not correctly validate user input when creating and editing applications or creating storage groups. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.5...