67 matches found
Astra Linux - уязвимость в open-vm-tools
A malicious actor who has been granted “Guest Operation Privileges” https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html can potentially elevate their privileges if the target virtual machine has been assigned a more privileged “Guest Alias...
Astra Linux – Vulnerability in open-vm-tools
VMware Tools contains a vulnerability related to bypassing the SAML token signature. A malicious actor who has been granted “Guest Operation Privileges” in a target virtual machine may be able to elevate their privileges, provided that the target virtual machine has been assigned a more privilege...
EUVD-2023-38172
Malicious code in bioql PyPI...
EUVD-2023-25069
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2023-34058
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges...
TencentOS Server 2: open-vm-tools (TSSA-2023:0218)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0218 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities:...
TencentOS Server 3: open-vm-tools (TSSA-2023:0226)
The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2023:0226 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...
SUSE CVE-2023-20900
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a...
SUSE CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate...
open-vm-tools: SAML token signature bypass
An improper signature verification flaw was found in open-vm-tools that may lead to a bypass of SAML token signature. A malicious actor that has been granted Guest Operation Privileges in a target virtual machine may be able to elevate their privileges if that target virtual machine has been...
K000138114: open-vm-tools vulnerability CVE-2023-34058
Security Advisory Description VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https : //docs . vmware . com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtu...
Ubuntu 16.04 ESM / 18.04 ESM : Open VM Tools vulnerabilities (USN-6463-2)
The remote Ubuntu 16.04 ESM / 18.04 ESM host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-6463-2 advisory. USN-6463-1 fixed vulnerabilities in Open VM Tools. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS...
Rocky Linux 8 : open-vm-tools (RLSA-2023:7265)
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2023:7265 advisory. - VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges...
OESA-2023-1831 open-vm-tools security update
The project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and libraries of...
Oracle Linux 7 : open-vm-tools (ELSA-2023-7279)
The remote Oracle Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7279 advisory. - Resolves: RHEL-14642 CVE-2023-34058 open-vm-tools: SAML token signature bypass rhel-7.9.z - Resolves: RHEL-14676 CVE-2023-34059 open-vm-tools: file...
Oracle Linux 9 : open-vm-tools (ELSA-2023-7277)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2023-7277 advisory. - Address CVE-2023-34058 - BZ 2246963 - SAML token signature token bypass. Tenable has extracted the preceding description block directly from the Orac...
open-vm-tools: SAML token signature bypass
A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias...
open-vm-tools: SAML token signature bypass
A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias...
open-vm-tools: SAML token signature bypass
A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias...
open-vm-tools: SAML token signature bypass
A flaw was found in open-vm-tools. This flaw allows a malicious actor that has been granted Guest Operation Privileges in a target virtual machine to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias...