CVSS: 5.6EPSS: 0%CPEs: 11EXPL: 0CVE-2019-3901 – kernel: perf_event_open() and execve() race in setuid programs allows a data leak
https://notcve.org/view.php?id=CVE-2019-3901
22 Apr 2019 — A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. ... A race condition in perf_event_open() allows local attackers to leak sensitive data from setuid programs. • http://www.securityfocus.com/bid/89937 • CWE-667: Improper Locking •
CVSS: 6.8EPSS: 0%CPEs: 120EXPL: 0CVE-2019-5517
https://notcve.org/view.php?id=CVE-2019-5517
15 Apr 2019 — VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain multiple out-of-bounds read vulnerabilities in the shader translator. ... Successful exploitation of these issues may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. ... La actualizaciones de VMware
CVSS: 5.9EPSS: 0%CPEs: 120EXPL: 0CVE-2019-5520 – VMware Workstation Shader Bytecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2019-5520
15 Apr 2019 — VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds read vulnerability. ... La actualizaciones de VMware ESXi (versiones 6.7 anteriores a ESXi670-201904101-SG y 6.5 anteriores a ESXi650-201903001), Workstation (versiones 15.x anteriores a 15.0.3 y 14.x anteriores a 14.1.6), Fusion (versiones 11.x anteriores a 11.0.3 y 10.x ante... • https://www.vmware.com/security/advisories/VMSA-2019-0006.html • CWE-125: Out-of-bounds Read •
CVSS: 6.8EPSS: 0%CPEs: 120EXPL: 0CVE-2019-5516
https://notcve.org/view.php?id=CVE-2019-5516
15 Apr 2019 — VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds vulnerability with the vertex shader functionality. ... Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. ... La actualizaciones de VMwa... • https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0762 • CWE-125: Out-of-bounds Read •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2019-5513 – VMware Security Advisory 2019-0003
https://notcve.org/view.php?id=CVE-2019-5513
15 Mar 2019 — VMware Horizon Connection Server (7.x before 7.8, 7.5.x before 7.5.2, 6.x before 6.2.8) contains an information disclosure vulnerability. ... VMware Horizon Connection Server (7.x anterior a la versión 7.8, 7.5.x anterior de 7.5.2, 6.x anterior de 6.2.8) contiene una vulnerabilidad de divulgación de información. ... VMware Horizon update addresses Connection Server an information disclosure vulnerability. • https://www.vmware.com/security/advisories/VMSA-2019-0003.html •
CVSS: 6.5EPSS: 0%CPEs: 170EXPL: 0CVE-2018-6982 – VMware Security Advisory 2018-0027
https://notcve.org/view.php?id=CVE-2018-6982
09 Nov 2018 — VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest. VMware ESXi 6.7 sin ESXi670-201811401-BG y VMware ESXi 6.5 sin ESXi650-201811301-BG contiene un uso de memoria de la pila no inicializada en el adaptador de red virtual vmxnet3, lo que podría conducir a una fuga de información del host al... • http://www.securityfocus.com/bid/105882 • CWE-908: Use of Uninitialized Resource •
CVSS: 7.4EPSS: 0%CPEs: 7EXPL: 0CVE-2018-6979 – VMware Security Advisory 2018-0024
https://notcve.org/view.php?id=CVE-2018-6979
04 Oct 2018 — The VMware Workspace ONE Unified Endpoint Management Console (A/W Console) 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. ... This vulnerability is also relevant if certificate-based authentication is not enabled, but the outcome of exploitation is limited to an informatio... • http://www.securitytracker.com/id/1041808 •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2018-6970 – VMWare Horizon Client wswc_sharedMem_shared Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-6970
07 Aug 2018 — VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privileged process running on a system where Horizon Connection Server, Horizon Agent or Horizon Client are installed. ... VMware Horizon 6 (6.x.x en versiones anteriores a la 6.2.7), Horizon 7 (7.... • http://www.securityfocus.com/bid/105031 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6971 – VMware Security Advisory 2018-0018
https://notcve.org/view.php?id=CVE-2018-6971
20 Jul 2018 — VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations). ... VMware Horizon View Agents (versiones 7.x.x anteriores a la 7.5.1) contienen una vulnerabilidad de divulgación de información local debido al registro inseguro de credenciales en el archivo vmmsi... • http://www.securityfocus.com/bid/104883 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6969 – VMware Security Advisory 2018-0017
https://notcve.org/view.php?id=CVE-2018-6969
13 Jul 2018 — VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. ... VMware Tools ( versiones 10.x y anteriores antes de la 10.3.0) contiene una vulnerabilidad de lectura fuera de límites en HGFS. ... VMware Tools update addresses an out-of-bounds read vulnerability. • http://www.securityfocus.com/bid/104737 • CWE-125: Out-of-bounds Read •