1050 matches found
VMSA-2024-0013:VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2024-37085, CVE-2024-37086, CVE-2024-37087)
Advisory ID: | VMSA-2024-0013.2 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 5.3-6.8 Synopsis: | VMware ESXi and vCenter Server updates address multiple vulnerabilities CVE-2024-37085, CVE-2024-37086, CVE-2024-37087 Issue date: | 2024-06-25 Updated on: | 2024-08-12 CVEs | CVE-2024-37085,...
VMware vCenter Server Security Vulnerability
VMware vCenter Server is a suite of server and virtualization management software from VMware. The software provides a centralized platform for managing VMware vSphere environments that automates the implementation and delivery of virtual infrastructures. A security vulnerability exists in VMware...
PT-2024-4540 · Vmware · Vmware Vcenter Server +2
Name of the Vulnerable Software and Affected Versions: vCenter Server affected versions not specified VMware Cloud Foundation affected versions not specified Description: The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may...
VMware vCenter Server Appliance License Server Uncontrolled Memory Allocation Denial-of-Service Vulnerability
This vulnerability allows remote attackers to create a denial-of-service condition on affected installations of VMware vCenter Server Appliance. Authentication is not required to exploit this vulnerability. The specific flaw exists within the License Server. The issue results from the lack of...
The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure VMware vCenter Server allows a perpetrator to execute arbitrary code.
The vulnerability of the DCERPC protocol implementation in the software for managing virtual infrastructure, VMware vCenter Server, arises due to a buffer overflow. Exploiting this vulnerability allows an attacker to execute arbitrary code by sending a specially crafted network packet remotely...
Broadcom Advises Urgent Patch for Severe VMware vCenter Server Vulnerabilities
Critical security vulnerabilities CVE-2024-37079, CVE-2024-37080, CVE-2024-37081 found in VMware vCenter Server! Patch immediately to safeguard virtual environments from remote code execution & privilege escalation attacks...
VMware vCenter Server 7.0 < 7.0U3r / 8.0 < 8.0U2d Multiple Vulnerabilities (VMSA-2024-0012)
The version of VMware vCenter Server installed on the remote host is 7.0 prior to 7.0U3r, or 8.0 prior to 8.0U2d. It is, therefore, affected by a partial information disclosure vulnerability as referenced in the VMSA-2024-0012 advisory: - The vCenter Server contains multiple heap-overflow...
Vulnerabilities fixed in VMware vCenter
VMware has fixed vulnerabilities in vCenter Server. A malicious party could exploit the vulnerabilities to grant themselves elevated privileges and execute arbitrary code on the server. For successful abuse, however, the malicious party must have access to the LAN infrastructure. VMware has...
CVE-2024-37079
creationtimestamp| type| source ---|---|--- 2024-06-18 10:35:10+00:00| seen| Telegram/obSPr9PV0DaqSLTggJciA2CpsnkCDUqehnwTxKSd-hA48 2024-06-18 10:56:22+00:00| seen| https://t.me/thehackernews/5132 2024-06-18 11:00:18+00:00| seen| https://t.me/KomunitiSiber/2122 2024-06-18 11:45:57+00:00| seen|...
VMware Issues Patches for Cloud Foundation, vCenter Server, and vSphere ESXi
VMware has released updates to address critical flaws impacting Cloud Foundation, vCenter Server, and vSphere ESXi that could be exploited to achieve privilege escalation and remote code execution. The list of vulnerabilities is as follows - CVE-2024-37079 & CVE-2024-37080 CVSS scores: 9.8 -...
CVE-2024-37081
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance...
CVE-2024-37079
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution...
CVE-2024-37080
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution...
CVE-2024-37080
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution...
CVE-2024-37079
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution...
CVE-2024-37081
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance...
CVE-2024-37079
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution...
CVE-2024-37080
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution...
CVE-2024-37081
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance...
CVE-2024-37081
The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance...