50 matches found
fusion-plugin-jwt (>=0.1.0 <=0.1.8), toystore (>=1.1.1 <=1.5.3) potentially affected by CVE-2021-25952 via just-safe-set (=1.1.0)
just-safe-set NPM version =1.1.0 is affected by a known vulnerability. The following packages have a transitive dependency on just-safe-set and may be impacted: - fusion-plugin-jwt =0.1.0, =1.1.1, =1.5.3 Source cves: CVE-2021-25952 Source advisory: OSV:GHSA-V26W-GCXH-V4R7...
HashiCorp Vagrant VMware Fusion Plugin Local Elevation of Privilege Vulnerability
The HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion is a tool developed by HashiCorp in the United States for building and managing virtual machine environments on VMware virtual machines. A security vulnerability exists in version 5.0.3 of the HashiCorp Vagrant VMware Fusion...
Design/Logic Flaw
If HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root...
CVE-2017-16001
In HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 5.0.1, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges...
CVE-2017-15884
In HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges...
CVE-2017-15884
In HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges...
CVE-2017-12579
An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 4.0.24 and earlier allows a non-root user to obtain a root shell...
Design/Logic Flaw
An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 4.0.24 and earlier allows a non-root user to obtain a root shell...
CVE-2017-12579
An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin aka vagrant-vmware-fusion 4.0.24 and earlier allows a non-root user to obtain a root shell...
HashiCorp Vagrant VMware Fusion Plugin Elevation of Privilege Vulnerability
HashiCorp Vagrant VMware Fusion plugin is a tool for building and managing virtual machine environments on VMware virtual machines developed by HashiCorp, USA. A security vulnerability exists in the sudo helper in HashiCorp Vagrant VMware Fusion plugin versions prior to 4.0.21. A local attacker...