43 matches found
EUVD-2020-25258
Malware in sbrugna...
EUVD-2023-25041
Malicious code in bioql PyPI...
EUVD-2021-9152
Malicious code in bioql PyPI...
EUVD-2025-31599
Malicious code in bioql PyPI...
CVE-2025-41252
Summary of CVE-2025-41252 ( VMware NSX Username Enumeration ) : An unauthenticated, remote attacker can enumerate valid usernames in affected VMware NSX deployments, potentially enabling unauthorized access. Affected products include VMware NSX 9.x.x.x, 4.2.x, 4.1.x, 4.0.x ; NSX-T 3.x ; and VMwar...
CVE-2025-41251 Weak password recovery vulnerability
VMware NSX contains a weak password recovery mechanism vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially enabling brute-force attacks. Impact: Username enumeration → credential brute force risk. Attack Vector: Remote, unauthenticated...
CVE-2021-21981
VMware NSX-T contains a privilege escalation vulnerability due to an issue with RBAC Role based access control role assignment. Successful exploitation of this issue may allow attackers with local guest user account to assign privileges higher than their own permission level...
CVE-2020-3993
VMware NSX-T 3.x before 3.0.2, 2.5.x before 2.5.2.2.0 contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the transport node...
CVE-2023-20868
NSX-T contains a reflected cross-site scripting vulnerability due to a lack of input validation. A remote attacker can inject HTML or JavaScript to redirect to malicious pages...
Cross site scripting
NSX-T contains a reflected cross-site scripting vulnerability due to a lack of input validation. A remote attacker can inject HTML or JavaScript to redirect to malicious pages...
CVE-2023-20868
NSX-T contains a reflected cross-site scripting vulnerability due to a lack of input validation. A remote attacker can inject HTML or JavaScript to redirect to malicious pages...
CVE-2023-20868
NSX-T contains a reflected cross-site scripting vulnerability due to a lack of input validation. A remote attacker can inject HTML or JavaScript to redirect to malicious pages...
CVE-2023-20868
CVE-2023-20868 is a reflected cross-site scripting vulnerability in VMware NSX-T due to insufficient input validation. A remote attacker could inject HTML/JavaScript to redirect victims to malicious pages. The connected VMSA-2023-0010 advisory specifies affected NSX-T 3.2.x and that the vulnerabi...
Vulnerability fixed in VMWare NSX-T
VMWare has fixed a vulnerability in NSX-T. A unauthenticated malicious person could exploit the vulnerability to perform perform a cross-site scripting attack on the underlying applications. Such an attack can lead to execution of arbitrary code in the context of the victim's browser, or access t...
PT-2023-2931 · Vmware · Vmware Nsx-T
Name of the Vulnerable Software and Affected Versions: VMware NSX-T affected versions not specified Description: The issue is related to a reflected cross-site scripting vulnerability in VMware NSX-T due to a lack of input validation. This allows a remote attacker to inject HTML or JavaScript,...
VMSA-2023-0010:NSX-T update addresses cross-site scripting vulnerability
Advisory ID: VMSA-2023-0010 CVSSv3 Range: 4.3 Issue Date:2023-05-23 Updated On: 2023-05-23 Initial Advisory CVEs: CVE-2023-20868 Synopsis: NSX-T update addresses cross-site scripting vulnerability CVE-2023-20868 RSS Feed Download PDF Download Text File Share this page on social media: 1. Impacted...
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
1. Impacted Products VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Cloud Proxy VMware vRealize Automation VMware vRealize...
VMware Response to Apache Log4j Remote Code Execution Vulnerabilities (CVE-2021-44228, CVE-2021-45046)
1. Impacted Products Under Evaluation VMware Horizon VMware vCenter Server VMware HCX VMware NSX-T Data Center VMware Unified Access Gateway VMware WorkspaceOne Access VMware Identity Manager VMware vRealize Operations VMware vRealize Operations Cloud Proxy VMware vRealize Automation VMware...