32 matches found
EUVD-2020-25268
Malware in sbrugna...
EUVD-2024-19817
Malicious code in bioql PyPI...
EUVD-2024-19815
Malicious code in bioql PyPI...
EUVD-2023-25068
Malicious code in bioql PyPI...
CVE-2024-22247
VMware SD-WAN Edge contains a missing authentication and protection mechanism vulnerability. A malicious actor with physical access to the SD-WAN Edge appliance during activation can potentially exploit this vulnerability to access the BIOS configuration. In addition, the malicious actor may be...
CVE-2023-20899
VMware SD-WAN Edge contains a bypass authentication vulnerability. An unauthenticated attacker can download the Diagnostic bundle of the application under VMware SD-WAN Management...
CVE-2020-4003
VMware SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 was found to be vulnerable to SQL-injection attacks allowing for potential information disclosure. An authenticated SD-WAN Orchestrator user may inject code into SQL queries which may lead to...
CVE-2019-5533
In VMware SD-WAN by VeloCloud versions 3.x prior to 3.3.0, the VeloCloud Orchestrator parameter authorization check mistakenly allows enterprise users to obtain information of Managed Service Provider accounts. Among the information is username, first and last name, phone numbers and e-mail addre...
CVE-2024-22248
VMware SD-WAN Orchestrator contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker controlled domain due to improper path handling leading to sensitive information disclosure...
CVE-2024-22246
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router...
The vulnerability of the user interface of the Edge Router microprogramming software for devices in the VMware SD-WAN Edge and VMware SD-WAN Orchestrator software platform for managing programmatically configurable networks allows a perpetrator to execute arbitrary commands.
The vulnerability of the Edge Router user interface of microprogramming software in VMware SD-WAN Edge and the VMware SD-WAN Orchestrator platform for managing programmatically configurable networks is related to the failure to eliminate special elements used in operating systems commands...
CVE-2024-22246
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router...
CVE-2024-22247
CVE-2024-22247 — VMware SD-WAN Edge contains a missing authentication and protection mechanism vulnerability. A malicious actor with physical access during activation could potentially access BIOS configuration and exploit the default boot priority. The issue is documented with a moderate base sc...
CVE-2024-22246
VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full control of the router...
VMware SD-WAN Orchestrator 安全漏洞
VMware SD-WAN Orchestrator is a software from VMware that is used to orchestrate network data flows in a software-defined network architecture. The software provides web pages to visualize and manage users, gateways, and authentication. A security vulnerability exists in VMware SD-WAN Orchestrato...
PT-2024-2585 · Vmware · Vmware Sd-Wan Orchestrator
Name of the Vulnerable Software and Affected Versions: VMware SD-WAN Orchestrator affected versions not specified Description: The issue is related to an open redirect vulnerability. A malicious actor may redirect a victim to an attacker-controlled domain due to improper path handling, leading to...
The vulnerability of the web interface of microprogramming software in VMware SD-WAN Edge devices allows a hacker to bypass security restrictions and gain access to read, modify, or delete data.
The vulnerability of the web interface of microprogramming software in VMware SD-WAN Edge devices is related to deficiencies in access control. Exploiting this vulnerability allows a malicious actor to bypass security restrictions and gain read, modify, or delete access to data by downloading the...
CVE-2023-20899
VMware SD-WAN Edge contains a bypass authentication vulnerability. An unauthenticated attacker can download the Diagnostic bundle of the application under VMware SD-WAN Management...
CVE-2023-20899
VMware SD-WAN Edge contains a bypass authentication vulnerability. An unauthenticated attacker can download the Diagnostic bundle of the application under VMware SD-WAN Management...
PT-2023-4031 · Vmware · Vmware Sd-Wan
Name of the Vulnerable Software and Affected Versions: VMware SD-WAN Edge affected versions not specified Description: The issue is related to a bypass authentication vulnerability in the web interface of VMware SD-WAN Edge devices. This vulnerability is due to inadequate access control and can b...