1390 matches found
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
DEBIAN-CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
Security feature bypass
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
CVE-2023-34058
CVE-2023-34058 affects open-vm-tools/VMware Tools. A SAML token signature bypass in VMware Tools can enable privilege elevation when a VM’s Guest Operation Privileges and a higher-privilege Guest Alias are involved. Multiple connected advisories confirm open-vm-tools as the affected component acr...
UBUNTU-CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
CVE-2023-44770
A Cross-Site Scripting XSS vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias...
CVE-2023-44770
A Cross-Site Scripting XSS vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias...
CVE-2023-44770
A Cross-Site Scripting XSS vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias...
CVE-2023-44770
A Cross-Site Scripting XSS vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias...
CVE-2023-44770
A Cross-Site Scripting XSS vulnerability in Zenario CMS v.9.4.59197 allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias...
PT-2023-29293 · Unknown · Zenario Cms
Name of the Vulnerable Software and Affected Versions: Zenario CMS version 9.4.59197 Description: A Cross-Site Scripting XSS issue allows an attacker to execute arbitrary code via a crafted script to the Organizer - Spare alias. This enables the attacker to perform unauthorized actions on the...
SUSE SLED15 / SLES15 / openSUSE 15 : Security update for open-vm-tools (SUSE-SU-2023:3835-1)
The remote SUSE Linux SLED15 / SLEDSAP15 / SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3835-1 advisory. - A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-...
SUSE SLES12 Security Update : open-vm-tools (SUSE-SU-2023:3795-1)
The remote SUSE Linux SLES12 / SLESSAP12 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2023:3795-1 advisory. - A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-...
Rocky Linux 8 : open-vm-tools (RLSA-2023:5312)
The remote Rocky Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2023:5312 advisory. - A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-...
Ubuntu 16.04 ESM / 18.04 ESM : Open VM Tools vulnerability (USN-6365-2)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by a vulnerability as referenced in the USN-6365-2 advisory. USN-6365-1 fixed a vulnerability in Open VM Tools. This update provides the corresponding update for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Tenable ha...
Oracle Linux 8 : open-vm-tools (ELSA-2023-5312)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2023-5312 advisory. 12.1.5-2.0.2.3 - Resolves: RHEL-4584 CVE-2023-20900 open-vm-tools: SAML token signature bypass Tenable has extracted the preceding description block directly fr...
AlmaLinux 8 : open-vm-tools (ALSA-2023:5312)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2023:5312 advisory. - A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-...