CGA-RPW9-V7F5-VMRC

Bulletin has no description...

EUVD-2017-3766

Malware in sbrugna...

RHEL 7 : Red Hat CloudForms (RHSA-2018:0374)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2018:0374 advisory. Ansible is a simple model-driven configuration management, multi-node deployment, and remote-task execution system. Ansible works over SSH and does n...

VMware Multiple Products Privilege Escalation Vulnerability

VMware Fusion, Remote Console VMRC for Mac, and Horizon Client for Mac contain a privilege escalation vulnerability due to improper use of setuid binaries that allows attackers to escalate privileges to root...

CVE-2020-3957

VMware Fusion 11.x before 11.5.5, VMware Remote Console for Mac 11.x and prior and VMware Horizon Client for Mac 5.x and prior contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use TOCTOU issue in the service opener. Successful exploitation of this issue may allow...

Privilege escalation

VMware Fusion 11.x before 11.5.5, VMware Remote Console for Mac 11.x and prior and VMware Horizon Client for Mac 5.x and prior contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use TOCTOU issue in the service opener. Successful exploitation of this issue may allow...

CVE-2020-3957

VMware Fusion 11.x before 11.5.5, VMware Remote Console for Mac 11.x and prior and VMware Horizon Client for Mac 5.x and prior contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use TOCTOU issue in the service opener. Successful exploitation of this issue may allow...

CVE-2020-3950

VMware Fusion 11.x before 11.5.2, VMware Remote Console for Mac 11.x and prior before 11.0.1 and Horizon Client for Mac 5.x and prior before 5.4.0 contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with...

Privilege escalation

VMware Fusion 11.x before 11.5.2, VMware Remote Console for Mac 11.x and prior before 11.0.1 and Horizon Client for Mac 5.x and prior before 5.4.0 contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with...

CVE-2020-3950

Mode C: CVE-2020-3950 affects VMware Fusion (11.x up to 11.5.1/11.5.2), VMware Remote Console for Mac (11.x up to 11.0.1), and Horizon Client for Mac (5.x up to 5.4.0). Root cause: improper use of setuid binaries enabling local privilege escalation from a normal user to root on systems running th...

CVE-2020-3950

VMware Fusion 11.x before 11.5.2, VMware Remote Console for Mac 11.x and prior before 11.0.1 and Horizon Client for Mac 5.x and prior before 5.4.0 contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with...

VMware Workstation, Fusion, VMware Remote Console and Horizon Client updates address privilege escalation and denial-of-service vulnerabilities (CVE-2020-3950, CVE-2020-3951)

3a. Privilege escalation vulnerability via setuid binaries CVE-2020-3950 VMware Fusion, VMRC for Mac and Horizon Client for Mac contain a privilege escalation vulnerability due to improper use of setuid binaries. VMware has evaluated the severity of this issue to be in the Important severity rang...

CVE-2020-3950

VMware Fusion 11.x before 11.5.2, VMware Remote Console for Mac 11.x and prior before 11.0.1 and Horizon Client for Mac 5.x and prior before 5.4.0 contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with...

VMware Horizon Client, VMRC, VMware Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities (CVE-2019-5543, CVE-2020-3947, CVE-2020-3948)

3a. Use-after-free vulnerability in vmnetdhcp CVE-2020-3947 VMware Workstation and Fusion contain a use-after vulnerability in vmnetdhcp.VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.3. 3b. Local Privilege escalation...

VMSA-2019-0014 : Use-after-free vulnerability

ESXi use-after-free vulnerability - CVE-2019-5527 ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. A local attacker with non-administrative access on the guest machine may exploit this issue to execute code on the host. This...

VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities. (CVE-2019-5527, CVE-2019-5535)

3a. ESXi, Workstation, Fusion, VMRC and Horizon Client use-after-free vulnerability - CVE-2019-5527 ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severit...

VMSA-2019-0014:VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities.

VMware Security Advisories Advisory ID| VMSA-2019-0014.1 ---|--- Advisory Severity| Important CVSSv3 Range| 4.7-8.5 Synopsis| VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities. CVE-2019-5527, CVE-2019-5535 Issue Date|...

Privilege Escalation

cfme-gemset is vulnerable to privilege escalation attacks. The vulnerability exists as a flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC VMWare Remote Console functions that may not be appropriate fo...

CVE-2017-12191

A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC VMWare Remote Console functions that may not be appropriate for users of CloudForms and thus this account. An attacker could use this vulnerability t...

Design/Logic Flaw

A flaw was found in the CloudForms account configuration when using VMware. By default, a shared account is used that has privileged access to VMRC VMWare Remote Console functions that may not be appropriate for users of CloudForms and thus this account. An attacker could use this vulnerability t...