Applications that use UriComponentsBuilder in Spring Framework to parse an externally provided URL (e.g. through a query parameter) AND perform validation checks on the host of the parsed URL may be vulnerable to a open redirect https://cwe.mitre.org/data/definitions/601.html  attack or to a SSRF attack if the URL is used after passing validation checks. This is the same as CVE-2024-22243 https://spring.io/security/cve-2024-22243 , but with different input.
Max CVSS
8.1
EPSS Score
0.04%
Published
2024-03-16
Updated
2024-03-17
In Spring Security, versions 5.7.x prior to 5.7.12, 5.8.x prior to 5.8.11, versions 6.0.x prior to 6.0.9, versions 6.1.x prior to 6.1.8, versions 6.2.x prior to 6.2.3, an application is possible vulnerable to broken access control when it directly uses the AuthenticatedVoter#vote passing a null Authentication parameter.
Max CVSS
9.8
EPSS Score
0.04%
Published
2024-03-18
Updated
2024-03-18
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
Max CVSS
9.3
EPSS Score
0.04%
Published
2024-03-05
Updated
2024-03-05
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed.
Max CVSS
9.3
EPSS Score
0.04%
Published
2024-03-05
Updated
2024-03-05
Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows.
Max CVSS
9.9
EPSS Score
0.04%
Published
2024-01-16
Updated
2024-01-25

CVE-2023-34060

Public exploit
VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . This bypass is not present on port 443 (VCD provider and tenant login). On a new installation of VMware Cloud Director Appliance 10.5, the bypass is not present. VMware Cloud Director Appliance is impacted since it uses an affected version of sssd from the underlying Photon OS. The sssd issue is no longer present in versions of Photon OS that ship with sssd-2.8.1-11 or higher (Photon OS 3) or sssd-2.8.2-9 or higher (Photon OS 4 and 5).
Max CVSS
9.8
EPSS Score
0.10%
Published
2023-11-14
Updated
2023-11-21
VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.
Max CVSS
9.8
EPSS Score
0.17%
Published
2023-10-20
Updated
2023-10-30

CVE-2023-34048

Known exploited
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.
Max CVSS
9.8
EPSS Score
3.06%
Published
2023-10-25
Updated
2024-01-23
CISA KEV Added
2024-01-22

CVE-2023-34039

Public exploit
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Networks CLI.
Max CVSS
9.8
EPSS Score
90.71%
Published
2023-08-29
Updated
2024-01-09
Using "**" as a pattern in Spring Security configuration for WebFlux creates a mismatch in pattern matching between Spring Security and Spring WebFlux, and the potential for a security bypass.
Max CVSS
9.8
EPSS Score
0.21%
Published
2023-07-19
Updated
2023-08-14
Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL. In versions prior to 6.22.3 Greenplum Database used an unsafe methods to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker can use this vulnerability to overwrite data or system files potentially leading to crash or malfunction of the system. Any files which are accessible to the running process are at risk. All users are requested to upgrade to Greenplum Database version 6.23.2 or higher. There are no known workarounds for this vulnerability.
Max CVSS
9.1
EPSS Score
0.08%
Published
2023-05-15
Updated
2023-05-25
The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.
Max CVSS
9.8
EPSS Score
0.13%
Published
2023-06-22
Updated
2023-07-13
The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption.
Max CVSS
9.8
EPSS Score
0.15%
Published
2023-06-22
Updated
2023-07-13
The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server.
Max CVSS
9.8
EPSS Score
0.11%
Published
2023-06-22
Updated
2023-07-13
The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underlying operating system that hosts vCenter Server.
Max CVSS
9.8
EPSS Score
0.11%
Published
2023-06-22
Updated
2023-07-13
Aria Operations for Networks contains an authenticated deserialization vulnerability. A malicious actor with network access to VMware Aria Operations for Networks and valid 'member' role credentials may be able to perform a deserialization attack resulting in remote code execution.
Max CVSS
8.8
EPSS Score
33.47%
Published
2023-06-07
Updated
2023-06-14

CVE-2023-20887

Known exploited
Public exploit
Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.
Max CVSS
9.8
EPSS Score
96.41%
Published
2023-06-07
Updated
2023-07-26
CISA KEV Added
2023-06-22
VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker and retrieve their SAML response to login as the victim user.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-10-31
Updated
2023-11-08
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation.
Max CVSS
8.8
EPSS Score
0.05%
Published
2023-05-12
Updated
2023-06-02
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+.
Max CVSS
9.8
EPSS Score
0.36%
Published
2023-04-20
Updated
2023-08-28
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.
Max CVSS
8.8
EPSS Score
0.04%
Published
2023-04-25
Updated
2023-05-04
VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
Max CVSS
8.2
EPSS Score
0.16%
Published
2023-04-25
Updated
2023-05-04
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
Max CVSS
9.8
EPSS Score
29.09%
Published
2023-04-20
Updated
2023-05-02
VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user.
Max CVSS
8.8
EPSS Score
0.12%
Published
2023-02-01
Updated
2023-02-08
VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. A malicious actor, with non-administrative access to vRealize Orchestrator, may be able to use specially crafted input to bypass XML parsing restrictions leading to access to sensitive information or possible escalation of privileges.
Max CVSS
8.8
EPSS Score
0.17%
Published
2023-02-22
Updated
2023-03-03
218 vulnerabilities found
1 2 3 4 5 6 7 8 9
This web site uses cookies for managing your session, storing preferences, website analytics and additional purposes described in our privacy policy.
By using this web site you are agreeing to CVEdetails.com terms of use!