Lucene search
+L

500 matches found

Positive Technologies
Positive Technologies
added 2022/03/01 12:0 a.m.9 views

PT-2022-2232 · Vmware +1 · Vmware Tools +1

Name of the Vulnerable Software and Affected Versions: VMware Tools for Windows versions 10.x.y through 11.x.y prior to 12.0.0 Description: The issue is related to an uncontrolled search path vulnerability in VMware Tools for Windows. A malicious actor with local administrative privileges in the...

8.3CVSS7AI score0.01217EPSS
Exploits1References19
CNNVD
CNNVD
added 2022/03/01 12:0 a.m.7 views

VMware Tools for Windows 代码问题漏洞

Vmware VMware Tools for Windows is a set of Windows-based enhancement tools for VMWare virtual machines from Vmware, a VMware driver for enhancing virtual graphics and hard drive performance and synchronizing virtual machine and host clocks. for Windows is vulnerable to a code issue that could be...

7.2CVSS7.1AI score0.01217EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2022/02/23 12:0 a.m.20 views

F5 Networks BIG-IP : VMware Tools vulnerability (K84583382)

The version of F5 Networks BIG-IP installed on the remote host is prior to 14.1.5 / 15.1.5 / 16.0.0. It is, therefore, affected by a vulnerability as referenced in the K84583382 advisory. - VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of...

6.7CVSS6.9AI score0.00331EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2021/06/29 12:0 a.m.8 views

The vulnerability relates to the set of tools for VMware Tools, the software for managing applications and users across various VMware Virtual Machines, as well as the VMware Remote Console. This allows a malicious individual to escalate their privileges.

The vulnerability affects the set of utilities in VMware Tools, the software for managing applications and users across various VMware App Volumes, as well as the VMware Remote Console. This vulnerability stems from the absence of quotation marks in the syntax of certain elements or search paths...

7.8CVSS7.5AI score0.01382EPSS
Exploits0References3Affected Software3
BDU FSTEC
BDU FSTEC
added 2021/06/25 12:0 a.m.5 views

The vulnerability of the VMware Tools driver for the VM3DMP set of utilities on Windows operating systems allows a hacker to cause a service failure.

The vulnerability of the VMware Tools utility driver for Windows operating systems exists due to insufficient testing of input data. Exploiting this vulnerability can allow an attacker to cause service failures...

5.5CVSS5.9AI score0.00652EPSS
Exploits0References4Affected Software1
ThreatPost
ThreatPost
added 2021/06/24 3:31 p.m.259 views

Critical VMware Carbon Black Bug Allows Auth Bypass

VMware has fixed an uber-severe bug in its Carbon Black App Control AppC management server: A server whose job is to lock down critical systems and servers so they don’t get changed willy-nilly. AppC also ensures that organizations stay in continuous compliance with regulatory mandates. This is a...

9.8CVSS7.4AI score0.10619EPSS
Exploits0References13
OSV
OSV
added 2021/06/23 12:15 p.m.5 views

CVE-2021-21999

VMware Tools for Windows 11.x.y prior to 11.2.6, VMware Remote Console for Windows 12.x prior to 12.0.1 , VMware App Volumes 2.x prior to 2.18.10 and 4 prior to 2103 contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by...

7.8CVSS5.8AI score0.01382EPSS
Exploits0References2
Cvelist
Cvelist
added 2021/06/23 11:16 a.m.26 views

CVE-2021-21999

VMware Tools for Windows 11.x.y prior to 11.2.6, VMware Remote Console for Windows 12.x prior to 12.0.1 , VMware App Volumes 2.x prior to 2.18.10 and 4 prior to 2103 contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit this issue by...

8AI score0.01382EPSS
Exploits0References2
CISA
CISA
added 2021/06/23 12:0 a.m.36 views

VMware Releases Security Updates

VMware has released security updates to address vulnerabilities in the VMware Carbon Black App Control management server as well as VMware Tools for Windows, VMware Remote Console for Windows, and VMware App Volumes. An attacker could exploit these vulnerabilities to take control of an affected...

7.1AI score
Exploits0References2
OSV
OSV
added 2021/06/18 1:15 p.m.8 views

CVE-2021-21997

VMware Tools for Windows 11.x.y prior to 11.3.0 contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest operating system, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a...

5.5CVSS5.8AI score0.00652EPSS
Exploits0References1
NVD
NVD
added 2021/06/18 1:15 p.m.34 views

CVE-2021-21997

VMware Tools for Windows 11.x.y prior to 11.3.0 contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest operating system, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a...

5.5CVSS0.00652EPSS
Exploits0References1
Prion
Prion
added 2021/06/18 1:15 p.m.28 views

Denial of service

VMware Tools for Windows 11.x.y prior to 11.3.0 contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest operating system, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a...

4.9CVSS5.3AI score0.00652EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2021/06/18 12:41 p.m.30 views

CVE-2021-21997

VMware Tools for Windows 11.x.y prior to 11.3.0 contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with local user privileges in the Windows guest operating system, where VMware Tools is installed, can trigger a PANIC in the VM3DMP driver leading to a...

5.6AI score0.00652EPSS
Exploits0References1
CNNVD
CNNVD
added 2021/06/18 12:0 a.m.6 views

VMware Tools for Windows 输入验证错误漏洞

Vmware VMware Tools for Windows is a suite of Windows-based enhancements for VMWare virtual machines from Vmware, Inc. It is a set of drivers provided by VMware to enhance the performance of virtual graphics cards and hard disks, as well as to synchronize the clocks of the virtual machine with th...

5.5CVSS5.8AI score0.00652EPSS
Exploits0References4
NCSC
NCSC
added 2021/06/18 12:0 a.m.7 views

Vulnerability fixed in VMware Tools for Windows

A vulnerability has been fixed in VMware Tools for Windows. A malicious party could potentially exploit the vulnerability to cause a Denial-of-Service by exploiting a race condition in the VM3DMP driver. VMware has released updates to fix the vulnerability. For more information, see:...

5.5CVSS6.8AI score0.00652EPSS
Exploits0
VMware
VMware
added 2021/06/15 12:0 a.m.84 views

VMSA-2021-0011:VMware Tools for Windows update addresses a denial-of-service vulnerability

Advisory ID: VMSA-2021-0011 CVSSv3 Range: 3.3 Issue Date:2021-06-17 Updated On: 2021-06-17 Initial Advisory CVEs: CVE-2021-21997 Synopsis: VMware Tools for Windows update addresses a denial-of-service vulnerability CVE-2021-21997 RSS Feed Download PDF Download Text File Share this page on social...

5.5CVSS5.5AI score0.00652EPSS
Exploits0References12Affected Software1
Kitploit
Kitploit
added 2021/03/04 11:30 a.m.103 views

SharpSphere - .NET Project For Attacking vCenter

SharpSphere gives red teamers the ability to easily interact with the guest operating systems of virtual machines managed by vCenter. It uses the vSphere Web Services API and exposes the following functions: Command & Control - In combination with F-Secure's C3, SharpSphere provides C&C into VMs...

7.9AI score
Exploits0References4
OSV
OSV
added 2020/09/17 5:15 p.m.5 views

CVE-2020-24045

A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. The restricted shell can be bypassed by presenting a fake vmware-tools ISO image to the guest virtual...

7.2CVSS5.9AI score0.01553EPSS
Exploits1References4
NVD
NVD
added 2020/09/17 5:15 p.m.23 views

CVE-2020-24045

A sandbox escape issue was discovered in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. The restricted shell can be bypassed by presenting a fake vmware-tools ISO image to the guest virtual...

9CVSS0.01553EPSS
Exploits1References4
CVE
CVE
added 2020/09/17 4:37 p.m.48 views

CVE-2020-24045

CVE-2020-24045 affects TitanHQ SpamTitan Gateway 7.07. The vulnerability arises from a sandbox escape in the restricted admin shell: when a fake VMware Tools ISO image is mounted in the guest VM, and the hidden VMware Tools install path vmware-freebsd-tools/vmware-tools-distrib/vmware-install.pl ...

9CVSS7AI score0.01553EPSS
Exploits1References4Affected Software1
Rows per page
Query Builder