EUVD-2012-4974

Malware in sbrugna...

CVE-2015-6934

Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager vADM 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java object, related to the...

VMware vCenter Operations Manager Installed (Linux)

Binary data vmwarevcenteroperationsmanagerinstalledlinux.nbin...

VMware vCenter Operations Manager Web UI Detection

Binary data vmwarevcenteroperationsmanagerwebuidetect.nbin...

VMware vCenter Operations Manager Installed (Windows)

Binary data vmwarevcenteroperationsmanagerinstalled.nbin...

VMware vCenter Operations Management Linux JRE Update 1.7.0_76-b13 (VMSA-2015-0003) (POODLE)

The version of VMware vCenter Operations Manager installed on the remote Linux host has a bundled version of the Java JRE prior to version 1.7.076-b13 aka 7.0.760.13. It is, therefore, affected by a man-in-the-middle MitM information disclosure vulnerability known as POODLE. The vulnerability is...

VMware vCenter Operations Management vApp JRE Update 1.7.0_76-b13 (VMSA-2015-0003) (POODLE)

The version of VMware vCenter Operations Manager installed on the remote host has a bundled version of the Java JRE prior to version 1.7.076-b13 aka 7.0.760. It is, therefore, affected by a man-in-the-middle MitM information disclosure vulnerability known as POODLE. The vulnerability is due to th...

VMware vCenter Operations Manager Web UI Default Credentials

The web UI component of VMware vCenter Operations Manager uses a known set of default credentials. An attacker can use these to gain access to the system. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. include'deprecatednasllevel.inc'; include'compat.inc'; if description scriptid82704;...

KLA10530 JRE update for multiple VMware products

Multiple VMware products were updated to address vulnerabilities in Oracle Java. For details look at KLA10447. Original advisories VMSA advisory KLA10447 Exploitation Public exploits exist for this vulnerability. Related products VMware-unclassified-products CVE list CVE-2014-6593 warning Solutio...

VMware vCenter Operations Management Bash Vulnerabilities (VMSA-2014-0010) (Shellshock)

The version of VMware vCenter Operations Manager installed on the remote host is prior to 5.7.3 / 5.8.3. It is, therefore, affected by the environmental variable command injection vulnerability known as 'Shellshock'. C Tenable Network Security, Inc. include'compat.inc'; if description...

VMware vCenter Operations Management Suite Multiple Vulnerabilities (VMSA-2014-0007)

The version of vCenter Operations Manager installed on the remote host is prior to 5.8.2. It is, therefore, affected by the following vulnerabilities : - An error exists in the included Apache Tomcat version related to handling 'Content-Type' HTTP headers and multipart requests such as file uploa...

VMware vCenter Operations Manager Multiple OpenSSL Vulnerabilities (VMSA-2014-0006)

The version of vCenter Operations Manager installed on the remote host is 5.7.x or later and prior to 5.8.2. It is, therefore, affected by the following OpenSSL related vulnerabilities : - An error exists in the function 'ssl3readbytes' that could allow data to be injected into other sessions or...

VMware product updates address security vulnerabilities in Apache Struts library

The Apache Struts library is updated to version 2.3.16.2 to address multiple security issues.The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2014-0050, CVE-2014-0094, and CVE-2014-0112 to these issues.CVE-2014-0112 may lead to remote code execution. This...

VMSA-2014-0007:VMware product updates address security vulnerabilities in Apache Struts library

VMSA-2014-0007.2 VMware product updates address security vulnerabilities in Apache Struts library VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2014-0007.2 VMware Security Advisory Synopsis: VMware product updates address security vulnerabilities in Apache Struts library...

VMware vCenter Operations Manager Arbitrary File Upload (VMSA-2012-0013)

The version of vCenter Operations Manager installed on the remote host is earlier than 5.0.3. It is, therefore, potentially affected by an arbitrary file upload vulnerability in the Apache Struts component. By exploiting this flaw, a remote, unauthenticated attacker could overwrite arbitrary file...

VMSA-2012-0014 VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ----------------------------------------------------------------------- VMware Security Advisory Advisory ID: VMSA-2012-0014 Synopsis: VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates Issue date: 2012-10-04 Updated on:...

Cross site scripting

Cross-site scripting XSS vulnerability in the server in VMware vCenter Operations aka vCOps before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-5050

Cross-site scripting XSS vulnerability in the server in VMware vCenter Operations aka vCOps before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-5050

Cross-site scripting XSS vulnerability in the server in VMware vCenter Operations aka vCOps before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors...

CVE-2012-5050

CVE-2012-5050 concerns VMware vCenter Operations (vCOps). The vCOps server prior to 5.0.x is vulnerable to a cross-site scripting (XSS) flaw that allows remote attackers to inject arbitrary web script or HTML via unspecified vectors, potentially enabling session cookie theft for administrators. T...