Page 137 of 880 results (0.008 seconds)

CVSS: 7.9EPSS: 0%CPEs: 14EXPL: 0

Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a "system folder." Vulnerabilidad de ruta de búsqueda no confiable en VMware Workstation v8.x antes de v8.0.5 y VMware Player v4.x antes de v4.0.5 en Windows, permite a a los usuarios del sistema operativo anfitrión, ganar privilejos del sistema operativo anfitrión a través de una DLL caballo de troya en una "carpeta del sistema". • http://osvdb.org/87119 http://www.securityfocus.com/bid/56470 http://www.vmware.com/security/advisories/VMSA-2012-0015.html https://exchange.xforce.ibmcloud.com/vulnerabilities/79923 •

CVSS: 9.3EPSS: 96%CPEs: 15EXPL: 2

Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file. Vulnerabilidad de formato de cadena en VMware OVF Tool v2.1 en Windows, tal y como se utiliza en VMware Workstation v8x antes de v8.0.5, v4.x VMware Player antes de v4.0.5, y otros productos, permite ejecutar código de su elección a atacantes remotos asistidos por un usuario local a través de un archivo OVF debidamente modificado. • https://www.exploit-db.com/exploits/24461 https://www.exploit-db.com/exploits/24460 http://osvdb.org/87117 http://packetstormsecurity.com/files/120101/VMWare-OVF-Tools-Format-String.html http://secunia.com/advisories/51240 http://technet.microsoft.com/en-us/security/msvr/msvr13-002 http://www.vmware.com/security/advisories/VMSA-2012-0015.html https://exchange.xforce.ibmcloud.com/vulnerabilities/79922 • CWE-134: Use of Externally-Controlled Format String •

CVSS: 8.3EPSS: 0%CPEs: 14EXPL: 0

VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application. VMware Workstation v8.x antes de v8.0.5 y VMware Player v4.x antes de v4.0.5 en Windows utiliza permisos débiles para hilos de proceso no especificados, lo que permite a los usuarios del sistema operativo de host para obtener privilegios del sistema operativo de host a través de una aplicación diseñada. • http://osvdb.org/87118 http://www.securityfocus.com/bid/56469 http://www.vmware.com/security/advisories/VMSA-2012-0015.html https://exchange.xforce.ibmcloud.com/vulnerabilities/79924 • CWE-264: Permissions, Privileges, and Access Controls •

CVSS: 4.3EPSS: 0%CPEs: 3EXPL: 0

Cross-site scripting (XSS) vulnerability in the server in VMware vCenter Operations (aka vCOps) before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados en el servidor en VMware vCenter Operations (también conocido como vCOps) anteriores a v5.0.x permite a atacantes remotos inyectar secuencias de comandos web o HTML a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2012-10/0069.html http://osvdb.org/85959 http://secunia.com/advisories/50795 http://www.securitytracker.com/id?1027612 http://www.vmware.com/security/advisories/VMSA-2012-0014.html https://exchange.xforce.ibmcloud.com/vulnerabilities/79044 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows remote attackers to read arbitrary files via unspecified vectors. Vulnerabilidades de salto de directorio en VMware CapacityIQ v1.5.x, permite a atacantes remotos incluir y ejecutar ficheros locales a través de vectores no especificados. • http://archives.neohapsis.com/archives/bugtraq/2012-10/0069.html http://www.securityfocus.com/bid/55808 http://www.vmware.com/security/advisories/VMSA-2012-0014.html • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •