CVSS: 6.5EPSS: 0%CPEs: 1EXPL: 0CVE-2021-31693 – Photo Gallery by 10Web – Mobile-Friendly Image Gallery <= 1.5.68 - Reflected Cross-Site Scripting <= 1.5.68 - Reflected Cross-Site Scripting
https://notcve.org/view.php?id=CVE-2021-31693
19 Apr 2021 — The 10Web Photo Gallery plugin through 1.5.68 for WordPress allows XSS via album_gallery_id_0, bwg_album_search_0, and type_0 for bwg_frontend_data. NOTE: other parameters are covered by CVE-2021-24291, CVE-2021-25041, and CVE-2021-46889. NOTE: VMware information, previously connected to this CVE ID because of a typo, is at CVE-2022-31693. El complemento 10Web Photo Gallery hasta la versión 1.5.68 para WordPress permite Cross Site Scripting (XSS) a través de album_gallery_id_0, bwg_album_search_0 y type_0 p... • https://packetstormsecurity.com/files/162227/WordPress-Photo-Gallery-1.5.69-Cross-Site-Scripting.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 3.3EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3972
https://notcve.org/view.php?id=CVE-2020-3972
19 Jun 2020 — VMware Tools for macOS (11.x.x and prior before 11.1.1) contains a denial-of-service vulnerability in the Host-Guest File System (HGFS) implementation. Successful exploitation of this issue may allow attackers with non-admin privileges on guest macOS virtual machines to create a denial-of-service condition on their own VMs. VMware Tools para macOS (versiones 11.x.x y versiones anteriores a 11.1.1), contiene una vulnerabilidad de denegación de servicio en la implementación del Host-Guest File System (HGFS). ... • https://www.vmware.com/security/advisories/VMSA-2020-0014.html •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3941
https://notcve.org/view.php?id=CVE-2020-3941
15 Jan 2020 — The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. This vulnerability is not present in VMware Tools 11.x.y since the affected functionality is not present in VMware Tools 11. La operación de reparación de VMware Tools para Windows versiones 10.x.y, tiene una condición de carrera que puede permitir una escalada de privilegios en la máquina virtual donde está instalado Tools. Esta vulnerabilida... • https://www.vmware.com/security/advisories/VMSA-2020-0002.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 7.1EPSS: 0%CPEs: 2EXPL: 0CVE-2019-5522
https://notcve.org/view.php?id=CVE-2019-5522
06 Jun 2019 — VMware Tools for Windows update addresses an out of bounds read vulnerability in vm3dmp driver which is installed with vmtools in Windows guest machines. This issue is present in versions 10.2.x and 10.3.x prior to 10.3.10. A local attacker with non-administrative access to a Windows guest with VMware Tools installed may be able to leak kernel information or create a denial of service attack on the same Windows guest machine. La actualización de VMware Tools para Windows corrige una vulnerabilidad de lectur... • http://www.securityfocus.com/bid/108673 • CWE-125: Out-of-bounds Read •
CVSS: 7.0EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6969 – VMware Security Advisory 2018-0017
https://notcve.org/view.php?id=CVE-2018-6969
13 Jul 2018 — VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this issue, file sharing must be enabled. VMware Tools ( versiones 10.x y anteriores antes de la 10.3.0) contiene una vulnerabilidad de lectura fuera de límites en HGFS. La explotación exitosa de este problema podría conducir a una divulgac... • http://www.securityfocus.com/bid/104737 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 28%CPEs: 7EXPL: 3CVE-2016-5330 – VMware Host Guest Client Redirector - DLL Side Loading
https://notcve.org/view.php?id=CVE-2016-5330
08 Aug 2016 — Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory. Vulnerabilidad de búsqueda de ruta no confiable en la característica HGFS (también conocido como Shared Folders) en VMware Tools 10.0.5 en VMware ESXi 5.0 ... • https://packetstorm.news/files/id/138289 • CWE-426: Untrusted Search Path •