Filtered by vendor Vmware
Subscribe
Total
839 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2023-34036 | 1 Vmware | 1 Spring Hateoas | 2024-02-05 | N/A | 5.3 MEDIUM |
| Reactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers if they are not behind a trusted proxy that ensures correctness of such headers, or if they don't have anything else in place to handle (and possibly discard) forwarded headers either in WebFlux or at the level of the underlying HTTP server. For the application to be affected, it needs to satisfy the following requirements: * It needs to use the reactive web stack (Spring WebFlux) and Spring HATEOAS to create links in hypermedia-based responses. * The application infrastructure does not guard against clients submitting (X-)Forwarded… headers. | |||||
| CVE-2023-34037 | 1 Vmware | 1 Horizon Client | 2024-02-05 | N/A | 5.3 MEDIUM |
| VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests. | |||||
| CVE-2023-46118 | 1 Vmware | 1 Rabbitmq | 2024-02-05 | N/A | 4.9 MEDIUM |
| RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it vulnerable for denial of service (DoS) attacks with very large messages. An authenticated user with sufficient credentials can publish a very large messages over the HTTP API and cause target node to be terminated by an "out-of-memory killer"-like mechanism. This vulnerability has been patched in versions 3.11.24 and 3.12.7. | |||||
| CVE-2023-34058 | 4 Debian, Fedoraproject, Microsoft and 1 more | 5 Debian Linux, Fedora, Windows and 2 more | 2024-02-05 | N/A | 7.5 HIGH |
| VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html . | |||||
| CVE-2023-34038 | 1 Vmware | 1 Horizon Client | 2024-02-05 | N/A | 5.3 MEDIUM |
| VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration. | |||||
| CVE-2023-34059 | 2 Debian, Vmware | 2 Debian Linux, Open Vm Tools | 2024-02-05 | N/A | 7.0 HIGH |
| open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs. | |||||
| CVE-2023-34035 | 1 Vmware | 1 Spring Security | 2024-02-05 | N/A | 5.3 MEDIUM |
| Spring Security versions 5.8 prior to 5.8.5, 6.0 prior to 6.0.5, and 6.1 prior to 6.1.2 could be susceptible to authorization rule misconfiguration if the application uses requestMatchers(String) and multiple servlets, one of them being Spring MVC’s DispatcherServlet. (DispatcherServlet is a Spring MVC component that maps HTTP endpoints to methods on @Controller-annotated classes.) Specifically, an application is vulnerable when all of the following are true: * Spring MVC is on the classpath * Spring Security is securing more than one servlet in a single application (one of them being Spring MVC’s DispatcherServlet) * The application uses requestMatchers(String) to refer to endpoints that are not Spring MVC endpoints An application is not vulnerable if any of the following is true: * The application does not have Spring MVC on the classpath * The application secures no servlets other than Spring MVC’s DispatcherServlet * The application uses requestMatchers(String) only for Spring MVC endpoints | |||||
| CVE-2023-20866 | 1 Vmware | 1 Spring Session | 2024-02-04 | N/A | 6.5 MEDIUM |
| In Spring Session version 3.0.0, the session id can be logged to the standard output stream. This vulnerability exposes sensitive information to those who have access to the application logs and can be used for session hijacking. Specifically, an application is vulnerable if it is using HeaderHttpSessionIdResolver. | |||||
| CVE-2023-20894 | 1 Vmware | 1 Vcenter Server | 2024-02-04 | N/A | 9.8 CRITICAL |
| The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption. | |||||
| CVE-2023-31131 | 1 Vmware | 1 Greenplum Database | 2024-02-04 | N/A | 9.1 CRITICAL |
| Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL. In versions prior to 6.22.3 Greenplum Database used an unsafe methods to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker can use this vulnerability to overwrite data or system files potentially leading to crash or malfunction of the system. Any files which are accessible to the running process are at risk. All users are requested to upgrade to Greenplum Database version 6.23.2 or higher. There are no known workarounds for this vulnerability. | |||||
| CVE-2023-20872 | 2 Apple, Vmware | 3 Mac Os X, Fusion, Workstation | 2024-02-04 | N/A | 8.8 HIGH |
| VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation. | |||||
| CVE-2023-20859 | 1 Vmware | 3 Spring Cloud Config, Spring Cloud Vault, Spring Vault | 2024-02-04 | N/A | 5.5 MEDIUM |
| In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token. | |||||
| CVE-2023-20862 | 1 Vmware | 1 Spring Security | 2024-02-04 | N/A | 6.3 MEDIUM |
| In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the HttpSessionSecurityContextRepository. This vulnerability can keep users authenticated even after they performed logout. Users of affected versions should apply the following mitigation. 5.7.x users should upgrade to 5.7.8. 5.8.x users should upgrade to 5.8.3. 6.0.x users should upgrade to 6.0.3. | |||||
| CVE-2023-20889 | 1 Vmware | 1 Vrealize Network Insight | 2024-02-04 | N/A | 7.5 HIGH |
| Aria Operations for Networks contains an information disclosure vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in information disclosure. | |||||
| CVE-2023-20871 | 2 Apple, Vmware | 2 Mac Os X, Fusion | 2024-02-04 | N/A | 7.8 HIGH |
| VMware Fusion contains a local privilege escalation vulnerability. A malicious actor with read/write access to the host operating system can elevate privileges to gain root access to the host operating system. | |||||
| CVE-2023-20899 | 1 Vmware | 2 Sd-wan Edge, Sd-wan Edge Firmware | 2024-02-04 | N/A | 7.5 HIGH |
| VMware SD-WAN (Edge) contains a bypass authentication vulnerability. An unauthenticated attacker can download the Diagnostic bundle of the application under VMware SD-WAN Management. | |||||
| CVE-2023-25517 | 4 Citrix, Nvidia, Redhat and 1 more | 4 Hypervisor, Gpu Display Driver, Enterprise Linux Kernel-based Virtual Machine and 1 more | 2024-02-04 | N/A | 7.1 HIGH |
| NVIDIA vGPU software contains a vulnerability in the Virtual GPU Manager (vGPU plugin), where a guest OS may be able to control resources for which it is not authorized, which may lead to information disclosure and data tampering. | |||||
| CVE-2023-20888 | 1 Vmware | 1 Vrealize Network Insight | 2024-02-04 | N/A | 8.8 HIGH |
| Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution. | |||||
| CVE-2023-20870 | 1 Vmware | 2 Fusion, Workstation | 2024-02-04 | N/A | 6.0 MEDIUM |
| VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. | |||||
| CVE-2023-20880 | 1 Vmware | 2 Aria Operations, Cloud Foundation | 2024-02-04 | N/A | 6.7 MEDIUM |
| VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. | |||||