Filtered by vendor Vmware
Subscribe
Total
909 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2020-5412 | 1 Vmware | 1 Spring Cloud Netflix | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Spring Cloud Netflix, versions 2.2.x prior to 2.2.4, versions 2.1.x prior to 2.1.6, and older unsupported versions allow applications to use the Hystrix Dashboard proxy.stream endpoint to make requests to any server reachable by the server hosting the dashboard. A malicious user, or attacker, can send a request to other servers that should not be exposed publicly. | |||||
| CVE-2020-5408 | 2 Pivotal Software, Vmware | 2 Spring Security, Spring Security | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| Spring Security versions 5.3.x prior to 5.3.2, 5.2.x prior to 5.2.4, 5.1.x prior to 5.1.10, 5.0.x prior to 5.0.16 and 4.2.x prior to 4.2.16 use a fixed null initialization vector with CBC Mode in the implementation of the queryable text encryptor. A malicious user with access to the data that has been encrypted using such an encryptor may be able to derive the unencrypted values using a dictionary attack. | |||||
| CVE-2020-5406 | 1 Vmware | 1 Tanzu Application Service For Vms | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| VMware Tanzu Application Service for VMs, 2.6.x versions prior to 2.6.18, 2.7.x versions prior to 2.7.11, and 2.8.x versions prior to 2.8.5, includes a version of PCF Autoscaling that writes database connection properties to its log, including database username and password. A malicious user with access to those logs may gain unauthorized access to the database being used by Autoscaling. | |||||
| CVE-2020-5405 | 1 Vmware | 1 Spring Cloud Config | 2024-11-21 | 4.3 MEDIUM | 6.5 MEDIUM |
| Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user, or attacker, can send a request using a specially crafted URL that can lead a directory traversal attack. | |||||
| CVE-2020-5398 | 3 Netapp, Oracle, Vmware | 33 Data Availability Services, Snapcenter, Application Testing Suite and 30 more | 2024-11-21 | 7.6 HIGH | 7.5 HIGH |
| In Spring Framework, versions 5.2.x prior to 5.2.3, versions 5.1.x prior to 5.1.13, and versions 5.0.x prior to 5.0.16, an application is vulnerable to a reflected file download (RFD) attack when it sets a "Content-Disposition" header in the response where the filename attribute is derived from user supplied input. | |||||
| CVE-2020-5397 | 2 Oracle, Vmware | 27 Application Testing Suite, Communications Brm - Elastic Charging Engine, Communications Diameter Signaling Router and 24 more | 2024-11-21 | 2.6 LOW | 5.3 MEDIUM |
| Spring Framework, versions 5.2.x prior to 5.2.3 are vulnerable to CSRF attacks through CORS preflight requests that target Spring MVC (spring-webmvc module) or Spring WebFlux (spring-webflux module) endpoints. Only non-authenticated endpoints are vulnerable because preflight requests should not include credentials and therefore requests should fail authentication. However a notable exception to this are Chrome based browsers when using client certificates for authentication since Chrome sends TLS client certificates in CORS preflight requests in violation of spec requirements. No HTTP body can be sent or received as a result of this attack. | |||||
| CVE-2020-5396 | 1 Vmware | 2 Gemfire, Tanzu Gemfire For Virtual Machines | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| VMware GemFire versions prior to 9.10.0, 9.9.2, 9.8.7, and 9.7.6, and VMware Tanzu GemFire for VMs versions prior to 1.11.1 and 1.10.2, when deployed without a SecurityManager, contain a JMX service available which contains an insecure default configuration. This allows a malicious user to create an MLet mbean leading to remote code execution. | |||||
| CVE-2020-4008 | 2 Apple, Vmware | 2 Macos, Carbon Black Cloud | 2024-11-21 | 3.3 LOW | 3.6 LOW |
| The installer of the macOS Sensor for VMware Carbon Black Cloud (prior to 3.5.1) handles certain files in an insecure way. A malicious actor who has local access to the endpoint on which a macOS sensor is going to be installed, may overwrite a limited number of files with output from the sensor installation. | |||||
| CVE-2020-4005 | 1 Vmware | 2 Cloud Foundation, Esxi | 2024-11-21 | 7.2 HIGH | 7.8 HIGH |
| VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only, may escalate their privileges on the affected system. Successful exploitation of this issue is only possible when chained with another vulnerability (e.g. CVE-2020-4004) | |||||
| CVE-2020-4004 | 2 Apple, Vmware | 5 Mac Os X, Cloud Foundation, Esxi and 2 more | 2024-11-21 | 4.6 MEDIUM | 8.2 HIGH |
| VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | |||||
| CVE-2020-4003 | 1 Vmware | 1 Sd-wan Orchestrator | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| VMware SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 was found to be vulnerable to SQL-injection attacks allowing for potential information disclosure. An authenticated SD-WAN Orchestrator user may inject code into SQL queries which may lead to information disclosure. | |||||
| CVE-2020-4002 | 1 Vmware | 1 Sd-wan Orchestrator | 2024-11-21 | 6.5 MEDIUM | 7.2 HIGH |
| The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 handles system parameters in an insecure way. An authenticated SD-WAN Orchestrator user with high privileges may be able to execute arbitrary code on the underlying operating system. | |||||
| CVE-2020-4001 | 1 Vmware | 1 Sd-wan Orchestrator | 2024-11-21 | 7.5 HIGH | 9.8 CRITICAL |
| The SD-WAN Orchestrator 3.3.2, 3.4.x, and 4.0.x has default passwords allowing for a Pass-the-Hash Attack. SD-WAN Orchestrator ships with default passwords for predefined accounts which may lead to to a Pass-the-Hash attack. | |||||
| CVE-2020-4000 | 1 Vmware | 1 Sd-wan Orchestrator | 2024-11-21 | 6.5 MEDIUM | 8.8 HIGH |
| The SD-WAN Orchestrator 3.3.2 prior to 3.3.2 P3, 3.4.x prior to 3.4.4, and 4.0.x prior to 4.0.1 allows for executing files through directory traversal. An authenticated SD-WAN Orchestrator user is able to traversal directories which may lead to code execution of files. | |||||
| CVE-2020-3999 | 2 Apple, Vmware | 4 Mac Os X, Esxi, Fusion and 1 more | 2024-11-21 | 2.1 LOW | 6.5 MEDIUM |
| VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious actor with normal user privilege access to a virtual machine can crash the virtual machine's vmx process leading to a denial of service condition. | |||||
| CVE-2020-3998 | 2 Microsoft, Vmware | 2 Windows, Horizon Client | 2024-11-21 | 4.0 MEDIUM | 6.5 MEDIUM |
| VMware Horizon Client for Windows (5.x prior to 5.5.0) contains an information disclosure vulnerability. A malicious attacker with local privileges on the machine where Horizon Client for Windows is installed may be able to retrieve hashed credentials if the client crashes. | |||||
| CVE-2020-3997 | 1 Vmware | 1 Horizon | 2024-11-21 | 3.5 LOW | 5.4 MEDIUM |
| VMware Horizon Server (7.x prior to 7.10.3 or 7.13.0) contains a Cross Site Scripting (XSS) vulnerability. Successful exploitation of this issue may allow an attacker to inject malicious script which will be executed. | |||||
| CVE-2020-3996 | 1 Vmware | 1 Velero | 2024-11-21 | 2.1 LOW | 5.5 MEDIUM |
| Velero (prior to 1.4.3 and 1.5.2) in some instances doesn’t properly manage volume identifiers which may result in information leakage to unauthorized users. | |||||
| CVE-2020-3995 | 2 Apple, Vmware | 5 Mac Os X, Cloud Foundation, Esxi and 2 more | 2024-11-21 | 3.5 LOW | 5.3 MEDIUM |
| In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability. A malicious actor with access to a virtual machine may be able to trigger a memory leak issue resulting in memory resource exhaustion on the hypervisor if the attack is sustained for extended periods of time. | |||||
| CVE-2020-3994 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2024-11-21 | 5.8 MEDIUM | 7.4 HIGH |
| VMware vCenter Server (6.7 before 6.7u3, 6.6 before 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server and an update repository may be able to perform a session hijack when the vCenter Server Appliance Management Interface is used to download vCenter updates. | |||||