Page 3 of 13 results (0.009 seconds)

CVSS: 6.0EPSS: 0%CPEs: 1EXPL: 0

Multiple unspecified vulnerabilities in the Virtual Appliance Management Infrastructure (VAMI) in VMware Studio 2.0 allow remote authenticated users to execute arbitrary commands via vectors involving (1) the Studio virtual appliance or (2) a virtual appliance created by the Studio virtual appliance. Múltiples vulnerabilidades no especificadas en el Virtual Appliance Management Infrastructure (VAMI) en VMware Studio v2.0 permite a usuarios remotos autenticados ejecutar comandos a su elección a través de vectores que involucran (1) el virtual appliance Studio o (2) un virtual appliance creado por el virtual appliance Studio. • http://lists.vmware.com/pipermail/security-announce/2010/000101.html http://secunia.com/advisories/40507 http://securitytracker.com/id?1024187 http://www.securityfocus.com/archive/1/512311/100/0/threaded http://www.securityfocus.com/bid/41566 http://www.vupen.com/english/advisories/2010/1791 http://www.wmware.com/security/advisories/VMSA-2010-0011.html https://exchange.xforce.ibmcloud.com/vulnerabilities/60350 •

CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0

Directory traversal vulnerability in a support component in the web interface in VMware Studio 2.0 public beta before build 1017-185256 allows remote attackers to upload files to arbitrary locations via unspecified vectors. Vulnerabilidad de salto de directorio en un componente de apoyo en la interfaz web en VMware Studio 2.0 public beta en versiones anteriores a la build 1017-185256 permite a atacantes remotos subir ficheros a ubicaciones de su elección mediante vectores no especificados. • http://lists.vmware.com/pipermail/security-announce/2009/000064.html http://www.securityfocus.com/archive/1/506191/100/0/threaded http://www.securityfocus.com/bid/36199 http://www.vmware.com/security/advisories/VMSA-2009-0011.html http://www.vmware.com/support/developer/studio/studio20/release_notes.html http://www.vupen.com/english/advisories/2009/2501 https://exchange.xforce.ibmcloud.com/vulnerabilities/52976 • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 10.0EPSS: 1%CPEs: 1EXPL: 1

Omnis Studio 2.4 uses weak encryption (trivial encoding) for encrypting database fields. • https://www.exploit-db.com/exploits/19967 http://archives.neohapsis.com/archives/bugtraq/2000-05/0311.html http://www.securityfocus.com/bid/1255 •