Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34057
VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine.
Vmware Tools
NA
CVE-2023-34048
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.
Vmware Vcenter Server 7.0
Vmware Vcenter Server 8.0
Vmware Vcenter Server
1 Github repository
4 Articles
NA
CVE-2023-34056
vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.
Vmware Vcenter Server 7.0
Vmware Vcenter Server 8.0
Vmware Vcenter Server
1 Article
NA
CVE-2023-46118
RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it vulnerable for denial of service (DoS) attacks with very large messages. An authenticated user with sufficient credentials can publish a very large messages...
Vmware Rabbitmq
NA
CVE-2023-46120
The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Us...
Vmware Rabbitmq Java Client
NA
CVE-2023-5633
The reference count changes made as part of the CVE-2023-33951 and CVE-2023-33952 fixes exposed a use-after-free flaw in the way memory objects were handled when they were being used to store a surface. When running inside a VMware guest with 3D acceleration enabled, a local, unp...
Linux Linux Kernel 6.6
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux 9.0
NA
CVE-2023-34045
VMware Fusion(13.x before 13.5) contains a local privilege escalation vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing an upgrade. A malicious actor wi...
Vmware Fusion
NA
CVE-2023-34044
VMware Workstation( 17.x before 17.5) and Fusion(13.x before 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine...
Vmware Workstation
Vmware Fusion
NA
CVE-2023-34046
VMware Fusion(13.x before 13.5) contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing an upgrade. A malicious ...
Vmware Fusion
NA
CVE-2023-34051
VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.
Vmware Aria Operations For Logs 8.8
Vmware Aria Operations For Logs 8.6
Vmware Aria Operations For Logs 5.0
Vmware Aria Operations For Logs 4.0
Vmware Aria Operations For Logs 8.10
Vmware Aria Operations For Logs 8.10.2
Vmware Aria Operations For Logs 8.12
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »