PRIOn Logo

Search KB


Search our pre-analyzed vulnerability database

Total Results: 1901

of 96

Published:   Updated:

Vulnerability Type: Information disclosure

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v34.3

VMware Cloud Director contains a partial information disclosure vulnerability. A malicious actor can potentially gather information about organization names based on the behavior of the instance.

Published:   Updated:

Vulnerability Type: Cross site scripting

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v34.8

Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload into the login banner and takeover the user account.

Published:   Updated:

Vulnerability Type: Remote file inclusion

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v34.9

Aria Operations for Networks contains a local file read vulnerability. A malicious actor with admin privileges may exploit this vulnerability leading to unauthorized access to sensitive information.

Published:   Updated:

Vulnerability Type: Privilege escalation

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access.

Published:   Updated:

Vulnerability Type: Cross site scripting

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v34.8

Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization.

Published:   Updated:

Vulnerability Type: Privilege escalation

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.8

Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

The spring-security.xsd file inside the spring-security-config jar is world writable which means that if it were extracted it could be written by anyone with access to the file system. While there are no known exploits, this is an example of “CWE-732: Incorrect Permission Assignment for Critical Resource” and could result in an exploit. Users should update to the latest version of Spring Security to mitigate any future exploits found around this issue.

Published:   Updated:

Vulnerability Type: Information disclosure

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v35.5

In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in the org.springframework.cloud:spring-cloud-contract-shade dependency.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Hitachi
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.1

Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 through 04.9.2.

Published:   Updated:

Vulnerability Type: Memory corruption

Vendor(s):  Vmware
Significant
Remediate Within one Month
CVSS v2N/ACVSS v37.5

In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC * Spring Security 6.1.6+ or 6.2.1+ is on the classpath Typically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web and org.springframework.boot:spring-boot-starter-security dependencies to meet all conditions.

Published:   Updated:

Vulnerability Type: Improper access control

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v38.3

Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows.

Published:   Updated:

Vulnerability Type: Integer overflow

Vendor(s):  Linux, Netapp
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.4

An out-of-bounds memory read flaw was found in receive_encrypted_standard in fs/smb/client/smb2ops.c in the SMB Client sub-component in the Linux Kernel. This issue occurs due to integer underflow on the memcpy length, leading to a denial of service.

Published:   Updated:

Vulnerability Type: Privilege escalation

Vendor(s):  Vmware
Significant
Remediate Within one Month
CVSS v2N/ACVSS v37.8

The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.

Published:   Updated:

Vulnerability Type: Privilege escalation

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v34.6

Workspace ONE Launcher contains a Privilege Escalation Vulnerability. A malicious actor with physical access to Workspace ONE Launcher could utilize the Edge Panel feature to bypass setup to gain access to sensitive information.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.5

In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC or Spring WebFlux * org.springframework.boot:spring-boot-actuator is on the classpath

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37.5

In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC or Spring WebFlux * io.micrometer:micrometer-core is on the classpath * an ObservationRegistry is configured in the application to record observations Typically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator dependency to meet all conditions.

Published:   Updated:

Vulnerability Type: Authentication flaw

Vendor(s):  Vmware
Significant
Remediate Within one Month
CVSS v2N/ACVSS v39.8

VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . This bypass is not present on port 443 (VCD provider and tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present. VMware Cloud Director Appliance is impacted since it uses an affected version of sssd from the underlying Photon OS. The sssd issue is no longer present in versions of Photon OS that ship with sssd-2.8.1-11 or higher (Photon OS 3) or sssd-2.8.2-9 or higher (Photon OS 4 and 5).

Published:   Updated:

Vulnerability Type: Double free

Vendor(s):  Linux, Netapp, Redhat
Significant
Remediate Within one Month
CVSS v2N/ACVSS v39.8

A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe/TCP subsystem in the Linux kernel. This issue may allow a malicious user to cause a use-after-free and double-free problem, which may permit remote code execution or lead to local privilege escalation.

Published:   Updated:

Vulnerability Type: Open redirect

Vendor(s):  Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v36.1

VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker and retrieve their SAML response to login as the victim user.

Published:   Updated:

Vulnerability Type: Design/Logic Flaw

Vendor(s):  Debian, Vmware
Routine
Remediate Within 6 Months
CVSS v2N/ACVSS v37

open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.

of 96