Vmware : Security Vulnerabilities, CVEs, CVSS score between 5 and 7.99
VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.
Max CVSS
7.1
EPSS Score
0.04%
Published
2024-03-05
Updated
2024-03-05
VMware ESXi contains an out-of-bounds write vulnerability. A malicious actor with privileges within the VMX process may trigger an out-of-bounds write leading to an escape of the sandbox.
Max CVSS
7.9
EPSS Score
0.04%
Published
2024-03-05
Updated
2024-03-05
VMware Workstation and Fusion contain an out-of-bounds read vulnerability in the USB CCID (chip card interface device). A malicious actor with local administrative privileges on a virtual machine may trigger an out-of-bounds read leading to information disclosure.
Max CVSS
5.9
EPSS Score
0.04%
Published
2024-02-29
Updated
2024-02-29
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access.
Max CVSS
7.8
EPSS Score
0.04%
Published
2024-02-06
Updated
2024-02-10
Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization.
Max CVSS
6.4
EPSS Score
0.04%
Published
2024-02-06
Updated
2024-02-10
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system.
Max CVSS
7.8
EPSS Score
0.04%
Published
2024-02-06
Updated
2024-02-10
In Spring Cloud Contract, versions 4.1.x prior to 4.1.1, versions 4.0.x prior to 4.0.5, and versions 3.1.x prior to 3.1.10, test execution is vulnerable to local information disclosure via temporary directory created with unsafe permissions through the shaded com.google.guava:guava dependency in the org.springframework.cloud:spring-cloud-contract-shade dependency.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-01-31
Updated
2024-02-09
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
Max CVSS
6.7
EPSS Score
0.04%
Published
2024-02-21
Updated
2024-02-22
In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.
Specifically, an application is vulnerable when all of the following are true:
* the application uses Spring MVC
* Spring Security 6.1.6+ or 6.2.1+ is on the classpath
Typically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web and org.springframework.boot:spring-boot-starter-security dependencies to meet all conditions.
Max CVSS
7.5
EPSS Score
0.05%
Published
2024-01-22
Updated
2024-01-29
The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer. This vulnerability was patched in version 5.18.0.
Max CVSS
7.5
EPSS Score
0.21%
Published
2023-10-25
Updated
2023-11-01
open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the
/dev/uinput file descriptor allowing them to simulate user inputs.
Max CVSS
7.4
EPSS Score
0.04%
Published
2023-10-27
Updated
2023-11-26
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c6d3ad8ba472/vim.vm.guest.AliasManager.html .
Max CVSS
7.5
EPSS Score
0.11%
Published
2023-10-27
Updated
2024-02-01
VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-10-27
Updated
2023-11-07
In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.
Specifically, an application is vulnerable when all of the following are true:
* the application uses Spring MVC or Spring WebFlux
* org.springframework.boot:spring-boot-actuator is on the classpath
Max CVSS
6.5
EPSS Score
0.04%
Published
2023-11-28
Updated
2023-12-21
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition.
Specifically, an application is vulnerable when all of the following are true:
* the application uses Spring MVC or Spring WebFlux
* io.micrometer:micrometer-core is on the classpath
* an ObservationRegistry is configured in the application to record observations
Typically, Spring Boot applications need the org.springframework.boot:spring-boot-actuator dependency to meet all conditions.
Max CVSS
7.5
EPSS Score
0.05%
Published
2023-11-28
Updated
2023-12-14
VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with non-administrative access to the local system can trigger the deserialization of data which could result in authentication bypass.
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-10-20
Updated
2023-10-30
In spring AMQP versions 1.0.0 to
2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class
names were added to Spring AMQP, allowing users to lock down deserialization of
data in messages from untrusted sources; however by default, when no allowed
list was provided, all classes could be deserialized.
Specifically, an application is
vulnerable if
* the
SimpleMessageConverter or SerializerMessageConverter is used
* the user
does not configure allowed list patterns
* untrusted
message originators gain permissions to write messages to the RabbitMQ
broker to send malicious content
Max CVSS
5.0
EPSS Score
0.05%
Published
2023-10-19
Updated
2023-10-25
VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use)
vulnerability that occurs during installation for the first time (the
user needs to drag or copy the application to a folder from the '.dmg'
volume) or when installing an upgrade. A malicious actor with local non-administrative user privileges may
exploit this vulnerability to escalate privileges to root on the system
where Fusion is installed or being installed for the first time.
Max CVSS
7.0
EPSS Score
0.04%
Published
2023-10-20
Updated
2023-10-28
VMware Fusion(13.x prior to 13.5) contains a local privilege escalation vulnerability that occurs during
installation for the first time (the user needs to drag or copy the
application to a folder from the '.dmg' volume) or when installing an
upgrade. A malicious actor with local non-administrative user privileges may
exploit this vulnerability to escalate privileges to root on the system
where Fusion is installed or being installed for the first time.
Max CVSS
7.8
EPSS Score
0.04%
Published
2023-10-20
Updated
2023-10-28
VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds
read vulnerability that exists in the functionality for sharing host
Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual
machine may be able to read privileged information contained in
hypervisor memory from a virtual machine.
Max CVSS
7.1
EPSS Score
0.05%
Published
2023-10-20
Updated
2023-10-28
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
Max CVSS
6.7
EPSS Score
0.04%
Published
2023-09-27
Updated
2023-09-29
The spring-security.xsd file inside the
spring-security-config jar is world writable which means that if it were
extracted it could be written by anyone with access to the file system.
While there are no known exploits, this is an example of “CWE-732:
Incorrect Permission Assignment for Critical Resource” and could result
in an exploit. Users should update to the latest version of Spring
Security to mitigate any future exploits found around this issue.
Max CVSS
5.5
EPSS Score
0.04%
Published
2024-02-05
Updated
2024-02-12
In Spring for Apache Kafka 3.0.9 and earlier and versions 2.9.10 and earlier, a possible deserialization attack vector existed, but only if unusual configuration was applied. An attacker would have to construct a malicious serialized object in one of the deserialization exception record headers.
Specifically, an application is vulnerable when all of the following are true:
* The user does not configure an ErrorHandlingDeserializer for the key and/or value of the record
* The user explicitly sets container properties checkDeserExWhenKeyNull and/or checkDeserExWhenValueNull container properties to true.
* The user allows untrusted sources to publish to a Kafka topic
By default, these properties are false, and the container only attempts to deserialize the headers if an ErrorHandlingDeserializer is configured. The ErrorHandlingDeserializer prevents the vulnerability by removing any such malicious headers before processing the record.
Max CVSS
7.8
EPSS Score
0.05%
Published
2023-08-24
Updated
2023-10-18
VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration.
Max CVSS
5.3
EPSS Score
0.05%
Published
2023-08-04
Updated
2023-08-09
VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests.
Max CVSS
5.3
EPSS Score
0.05%
Published
2023-08-04
Updated
2023-08-09