CVSS: 7.5EPSS: 0%CPEs: 9EXPL: 0CVE-2023-34058 – open-vm-tools: SAML token signature bypass
https://notcve.org/view.php?id=CVE-2023-34058
27 Oct 2023 — VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has been assigned a more privileged Guest Alias https://vdc-download.vmware.com/vmwb-repository/dcr-public/d1902b0e-d479-46bf-8ac9-cee0e31e8ec0/07ce8dbd-db48-4261-9b8f-c... • http://www.openwall.com/lists/oss-security/2023/10/27/1 • CWE-347: Improper Verification of Cryptographic Signature CWE-1220: Insufficient Granularity of Access Control •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34057
https://notcve.org/view.php?id=CVE-2023-34057
27 Oct 2023 — VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may elevate privileges within the virtual machine. VMware Tools contiene una vulnerabilidad de escalada de privilegios local. Un actor malintencionado con acceso de usuario local a una máquina virtual invitada puede elevar los privilegios dentro de la máquina virtual. VMware Tools contains a local privilege escalation vulnerability. • https://www.vmware.com/security/advisories/VMSA-2023-0024.html • CWE-269: Improper Privilege Management •
CVSS: 4.3EPSS: 0%CPEs: 38EXPL: 0CVE-2023-34056 – VMware vCenter Server Partial Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2023-34056
25 Oct 2023 — vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data. vCenter Server contiene una vulnerabilidad de divulgación parcial de información. Un actor malintencionado con privilegios no administrativos para vCenter Server puede aprovechar este problema para acceder a datos no autorizados. vCenter Server contains a partial information disclosure vulnerability. A malicious ac... • https://www.vmware.com/security/advisories/VMSA-2023-0023.html • CWE-922: Insecure Storage of Sensitive Information •
CVSS: 10.0EPSS: 51%CPEs: 37EXPL: 0CVE-2023-34048 – VMware vCenter Server Out-of-Bounds Write Vulnerability
https://notcve.org/view.php?id=CVE-2023-34048
25 Oct 2023 — vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution. vCenter Server contiene una vulnerabilidad de escritura fuera de los límites en la implementación del protocolo DCERPC. Un actor malintencionado con acceso a la red de vCenter Server puede desencadenar una escritura fuera de los límites que podría conducir a la ejecuc... • https://www.vmware.com/security/advisories/VMSA-2023-0023.html • CWE-787: Out-of-bounds Write •
CVSS: 10.0EPSS: 0%CPEs: 3EXPL: 1CVE-2023-44794
https://notcve.org/view.php?id=CVE-2023-44794
25 Oct 2023 — An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL. Un problema en Dromara SaToken versión 1.36.0 y anteriores permite a un atacante remoto escalar privilegios a través de un payload manipulado a la URL. • https://github.com/dromara/Sa-Token/issues/515 • CWE-284: Improper Access Control •
CVSS: 6.1EPSS: 0%CPEs: 2EXPL: 0CVE-2023-46118 – Denial of Service by publishing large messages over the HTTP API
https://notcve.org/view.php?id=CVE-2023-46118
24 Oct 2023 — RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it vulnerable for denial of service (DoS) attacks with very large messages. An authenticated user with sufficient credentials can publish a very large messages over the HTTP API and cause target node to be terminated by an "out-of-memory killer"-like mechanism. This vulnerability has been patched in versions 3.11.24 and 3.12.7. RabbitMQ es un corredor de transmisión y mensajería multiprot... • https://github.com/rabbitmq/rabbitmq-server/security/advisories/GHSA-w6cq-9cf4-gqpg • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2023-46120 – RabbitMQ Java client's lack of message size limitation leads to remote DoS attack
https://notcve.org/view.php?id=CVE-2023-46120
24 Oct 2023 — The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxBodyLebgth` was not used when receiving Message objects. Attackers could send a very large Message causing a memory overflow and triggering an OOM Error. Users of RabbitMQ may suffer from DoS attacks from RabbitMQ Java client which will ultimately exhaust the memory of the consumer. This vulnerability was patched in version 5.18.0. • https://github.com/rabbitmq/rabbitmq-java-client/commit/714aae602dcae6cb4b53cadf009323ebac313cc8 • CWE-400: Uncontrolled Resource Consumption •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34045 – VMware Fusion installer local privilege escalation
https://notcve.org/view.php?id=CVE-2023-34045
20 Oct 2023 — VMware Fusion(13.x prior to 13.5) contains a local privilege escalation vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing an upgrade. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed or being installed for the first time. VMware Fusion (13.x anterior a 13.5) contiene una vulne... • https://www.vmware.com/security/advisories/VMSA-2023-0022.html • CWE-269: Improper Privilege Management •
CVSS: 7.0EPSS: 0%CPEs: 2EXPL: 0CVE-2023-34046 – VMware Fusion TOCTOU local privilege escalation vulnerability
https://notcve.org/view.php?id=CVE-2023-34046
20 Oct 2023 — VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing an upgrade. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed or being installed for the first time. VMware Fusion (13.x anterior a 13.5) contiene u... • https://www.vmware.com/security/advisories/VMSA-2023-0022.html • CWE-367: Time-of-check Time-of-use (TOCTOU) Race Condition •
CVSS: 7.1EPSS: 0%CPEs: 3EXPL: 0CVE-2023-34044 – Information disclosure vulnerability in bluetooth device-sharing functionality
https://notcve.org/view.php?id=CVE-2023-34044
20 Oct 2023 — VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. VMware Workstation (17.x anterior a 17.5) y Fusion (13.x anterior a 13.5) contienen una vulnerabilidad de lectura fuera de límite... • https://www.vmware.com/security/advisories/VMSA-2023-0022.html • CWE-125: Out-of-bounds Read •