AZL-67806 CVE-2025-22247 affecting package open-vm-tools for versions less than 12.3.5-2

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

Progress Flowmon 12.3.5 Local sudo Privilege Escalation Exploit

This Metasploit module abuses a feature of the sudo command on Progress Flowmon. Certain binary files are allowed to automatically elevate with the sudo command. This is based off of the file name. This includes executing a PHP command with a specific file name. If the file is overwritten with PH...

Vulnerabilities fixed in VMware Tools

VMware has fixed vulnerabilities in VMware Tools. A malicious person with access to a guest system in which VMWare Tools are installed can exploit the vulnerabilities to give themselves elevated privileges and thus potentially execute code with elevated privileges. VMware has released updates to...

CVE-2020-10085

GitLab 12.3.5 through 12.8.1 allows Information Disclosure. A particular view was exposing merge private merge request titles...