421 matches found
SUSE: Security Advisory (SUSE-SU-2018:2991-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2779-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:2779-2)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
ESXi 6.5 / 6.7 / 7.0 RCE (VMSA-2021-0002)
The remote VMware ESXi host is version 6.5, 6.7 or 7.0 and is affected by a remote code execution vulnerability. OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing...
VMware vCenter Server CVE-2021-21972 Remote Code Execution Vulnerability: What You Need to Know
This blog post was co-authored by Bob Rudis and Caitlin Condon. What’s up? On Feb. 23, 2021, VMware published an advisory VMSA-2021-0002 describing three weaknesses affecting VMware ESXi, VMware vCenter Server, and VMware Cloud Foundation. Before digging into the individual vulnerabilities, it is...
CVE-2021-21974
OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue i...
Heap overflow
OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue i...
CVE-2021-21974
OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue i...
CVE-2021-21974
CVE-2021-21974 is a heap-based overflow in VMware ESXi’s OpenSLP service that can enable remote code execution when an attacker on the same network segment can reach port 427. Affected releases include ESXi 7.x (before ESXi70U1c-17325551), ESXi 6.7 (before 202102401-SG), and ES6.5 (before 2021021...
Critical RCE Flaws Affect VMware ESXi and vSphere Client — Patch Now
VMware has addressed multiple critical remote code execution RCE vulnerabilities in VMware ESXi and vSphere Client virtual infrastructure management platform that may allow attackers to execute arbitrary commands and take control of affected systems. "A malicious actor with network access to port...
VMware ESXi OpenSLP Heap Overflow Vulnerability
VMware ESXi is VMware's open server resource consolidation platform that enables centralized management of multiple servers with less hardware and improved server performance and security. VMware ESXi OpenSLP Heap Overflow Vulnerability.The VMware ESXi OpenSLP heap overflow vulnerability is...
威睿 VMware ESXi 缓冲区错误漏洞
VMware ESXi is VMware's open server resource consolidation platform that enables centralized management of multiple servers with less hardware and improved server performance and security. VMware ESXi OpenSLP Heap Overflow Vulnerability.The VMware ESXi OpenSLP heap overflow vulnerability is...
CVE-2021-21974
OpenSLP as used in ESXi 7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the heap-overflow issue i...
PT-2021-2129
Name of the Vulnerable Software and Affected Versions: VMware ESXi versions 6.5 before ESXi650-202102101-SG VMware ESXi versions 6.7 before ESXi670-202102401-SG VMware ESXi versions 7.0 before ESXi70U1c-17325551 Description: VMware ESXi’s OpenSLP service contains a heap-overflow vulnerability. An...
VMware ESXi OpenSLP Remote Code Execution Vulnerability (CVE-2020-3992 and CVE-2019-5544): What You Need To Know
What’s up? On November 6, 2020 Microsoft’s Kevin Beaumont alerted the community to evidence of active exploitation attempts of CVE-2020-3992 and/or CVE-2019-5544, which are remote code execution RCE vulnerabilities in VMware ESXi’s service location protocol SLP service. VMware had issued a patch...
VMware Issues Updated Fix For Critical ESXi Flaw
VMware issued an updated fix for a critical-severity remote code execution flaw in its ESXi hypervisor products. Wednesday’s VMware advisory said updated patch versions were available after it was discovered the previous patch, released Oct. 20, did not completely address the vulnerability. That’...
The vulnerability of the openslp hypervisor package affects VMware ESXi, VMware Workstation, and VMware Fusion, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the openslp hypervisor packages in VMware ESXi, VMware Workstation, and VMware Fusion relates to reading beyond the buffer boundaries. Exploiting this vulnerability can allow an attacker to gain unauthorized access to protected information...
The vulnerability of the openslp hypervisor packages in VMware ESXi, VMware Workstation, and VMware Fusion allows a malicious actor to execute arbitrary code, cause system failures, or gain unauthorized access to protected information.
The vulnerability of the openslp hypervisor packages in VMware ESXi, VMware Workstation, and VMware Fusion relates to the use of memory after deallocation. Exploiting this vulnerability can allow an attacker to execute arbitrary code, cause system failures, or gain unauthorized access to protecte...
CVE-2020-3992
OpenSLP as used in VMware ESXi 7.0 before ESXi7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free...
Design/Logic Flaw
OpenSLP as used in VMware ESXi 7.0 before ESXi7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trigger a use-after-free...