CVE-2022-31676 – open-vm-tools: local root privilege escalation in the virtual machine
https://notcve.org/view.php?id=CVE-2022-31676
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine. VMware Tools (versiones 12.0.0, 11.x.y y 10.x.y) contiene una vulnerabilidad de escalada de privilegios local. Un actor malicioso con acceso local no administrativo al Sistema Operativo invitado puede escalar privilegios como usuario root en la máquina virtual. A flaw was found in open-vm-tools. • http://www.openwall.com/lists/oss-security/2022/08/23/3 https://lists.debian.org/debian-lts-announce/2022/08/msg00013.html https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/C5VV2R4LV4T3SNQJYRLFD4C75HBDVV76 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/O4TZF6QRJIDECGMEGBPXJCHZ6YC3VZ6Z https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ZA63DWRW7HROTVBNRIPBJQWBYIYAQMEW https://security.gentoo.org/glsa/202 • CWE-250: Execution with Unnecessary Privileges CWE-269: Improper Privilege Management •
CVE-2022-22977
https://notcve.org/view.php?id=CVE-2022-22977
VMware Tools for Windows(12.0.0, 11.x.y and 10.x.y) contains an XML External Entity (XXE) vulnerability. A malicious actor with non-administrative local user privileges in the Windows guest OS, where VMware Tools is installed, may exploit this issue leading to a denial-of-service condition or unintended information disclosure. VMware Tools para Windows (versiones 12.0.0, 11.x.y y 10.x.y) contiene una vulnerabilidad de tipo XML External Entity (XXE). Un actor malicioso con privilegios de usuario local no administrativo en el Sistema Operativo invitado Windows, donde está instalado VMware Tools, puede explotar este problema conllevando a una condición de denegación de servicio o una divulgación de información no intencionada • https://www.vmware.com/security/advisories/VMSA-2022-0015.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2022-22943
https://notcve.org/view.php?id=CVE-2022-22943
VMware Tools for Windows (11.x.y and 10.x.y prior to 12.0.0) contains an uncontrolled search path vulnerability. A malicious actor with local administrative privileges in the Windows guest OS, where VMware Tools is installed, may be able to execute code with system privileges in the Windows guest OS due to an uncontrolled search path element. VMware Tools para Windows (versiones 11.x.y y versiones 10.x.y anteriores a 12.0.0) contiene una vulnerabilidad de ruta de búsqueda no controlada. Un actor malicioso con privilegios administrativos locales en el Sistema Operativo invitado Windows, donde está instalado VMware Tools, puede ser capaz de ejecutar código con privilegios de sistema en el sistema operativo invitado Windows debido a un elemento de ruta de búsqueda no controlado • https://www.vmware.com/security/advisories/VMSA-2022-0007.html • CWE-427: Uncontrolled Search Path Element •
CVE-2021-31693 – Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.5.68 - Reflected Cross-Site Scripting <= 1.5.68 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-31693
The 10Web Photo Gallery plugin through 1.5.68 for WordPress allows XSS via album_gallery_id_0, bwg_album_search_0, and type_0 for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-46889. NOTE: VMware information, previously connected to this CVE ID because of a typo, is at CVE-2022-31693. El complemento 10Web Photo Gallery hasta la versión 1.5.68 para WordPress permite Cross Site Scripting (XSS) a través de album_gallery_id_0, bwg_album_search_0 y type_0 para bwg_frontend_data. NOTA: otros parámetros están cubiertos por CVE-2021-24291, CVE-2021-25041 y CVE-2021-46889. NOTA: La información de VMware, previamente conectada a este ID de CVE debido a un error tipográfico, se encuentra en CVE-2022-31693. The Photo Gallery by 10Web plugin for WordPress is vulnerable to Reflected Cross-Site Scripting via the 'album_gallery_id_0', 'bwg_album_search_0', and 'type_0' parameters in versions up to, and including, 1.5.68 due to insufficient input sanitization and output escaping. • https://packetstormsecurity.com/files/162227/WordPress-Photo-Gallery-1.5.69-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2020-3941
https://notcve.org/view.php?id=CVE-2020-3941
The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11. La operación de reparación de VMware Tools para Windows versiones 10.x.y, tiene una condición de carrera que puede permitir una escalada de privilegios en la máquina virtual donde está instalado Tools. Esta vulnerabilidad no está presente en VMware Tools versiones 11.x.y ya que la funcionalidad afectada no está presente en VMware Tools versión 11. • https://www.vmware.com/security/advisories/VMSA-2020-0002.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •