59 matches found
EUVD-2024-19835
Malicious code in bioql PyPI...
EUVD-2024-19840
Malicious code in bioql PyPI...
EUVD-2022-28087
Malicious code in bioql PyPI...
EUVD-2024-19825
Malicious code in bioql PyPI...
EUVD-2023-38174
Malicious code in bioql PyPI...
CVE-2024-22256
VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance...
CVE-2024-22277
VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...
CVE-2024-22276
VMware Cloud Director Object Storage Extension contains an Insertion of Sensitive Information vulnerability. A malicious actor with adjacent access to web/proxy server logging may be able to obtain sensitive information from URLs that are logged...
CVE-2024-22272
VMware Cloud Director contains an Improper Privilege Management vulnerability. An authenticated tenant administrator for a given organization within VMware Cloud Director may be able to accidentally disable their organization leading to a Denial of Service for active sessions within their own...
CVE-2023-34060
VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass log...
CVE-2022-22966
An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server...
CVE-2020-3956
VMware Cloud Director 10.0.x before 10.0.0.2, 9.7.0.x before 9.7.0.5, 9.5.0.x before 9.5.0.6, and 9.1.0.x before 9.1.0.4 do not properly handle input leading to a code injection vulnerability. An authenticated actor may be able to send malicious traffic to VMware Cloud Director which may lead to...
The vulnerability of the disaster recovery mechanism for the VMware Cloud Director Availability, related to deficiencies in neutralizing special symbols, allows attackers to execute cross-site scripting (XSS) attacks.
The vulnerability of the disaster recovery tool for VMware Cloud Director Availability relates to deficiencies in neutralizing special symbols. Exploiting this vulnerability allows a malicious actor to perform cross-site scripting XSS attacks by injecting malicious HTML tags...
The vulnerability of the VMware Cloud Director platform, related to deficiencies in access control, allows a attacker to trigger a service failure.
The vulnerability of the VMware Cloud Director platform relates to deficiencies in access control. Exploiting this vulnerability could allow a malicious actor to cause service interruptions...
The vulnerability of the VMware Cloud Director Object Storage Extension lies in the insufficient protection of operational data, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the VMware Cloud Director Object Storage Extension relates to insufficient protection of operational data. Exploiting this vulnerability may allow a malicious actor, operating remotely, to gain unauthorized access to protected information...
CVE-2024-22277
VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...
CVE-2024-22277
CVE-2024-22277 affects VMware Cloud Director Availability. An HTML injection vulnerability allows a network-authenticated attacker to craft malicious HTML tags that execute within replication tasks. The issue is addressed by VMware in the 4.7.2 release; advisory indicates affected product lines i...
CVE-2024-22277
VMware Cloud Director Availability contains an HTML injection vulnerability. A malicious actor with network access to VMware Cloud Director Availability can craft malicious HTML tags to execute within replication tasks...
VMware Cloud Director Availability Security Vulnerability
VMware Cloud Director Availability is a Disaster Recovery-as-a-Service DRaaS solution from VMware, Inc. A security vulnerability exists in VMware Cloud Director Availability that stems from the inclusion of HTML injection, which allows an attacker with network access to craft malicious HTML tags...
VMSA-2024-0016: VMware Cloud Director Availability addresses an HTML injection vulnerability (CVE-2024-22277)
Advisory ID: | VMSA-2024-0016 ---|--- Severity: | Moderate CVSSv3 Range: | 6.4 Issue date: | 2024-07-04 Updated on: | 2024-07-04 Initial Advisory CVEs | CVE-2024-22277 Synopsis: | VMware Cloud Director Availability addresses an HTML injection vulnerability CVE-2024-22277 1. Impacted Products...