cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-38813,https://securityvulnerability.io/vulnerability/CVE-2024-38813,Privilege escalation vulnerability,"A privilege escalation vulnerability exists in VMware vCenter Server, enabling a remote attacker with network access to elevate their privileges to root. This is exploited by sending specially crafted network packets aimed at the vCenter Server. It is crucial for organizations using affected versions to assess their security posture and implement necessary safeguards to protect their systems against potential exploits.",Vmware,"Vmware Vcenter Server,Vmware Cloud Foundation",7.5,HIGH,0.0041600000113248825,true,true,false,true,,false,false,2024-09-17T18:15:00.000Z,0
CVE-2024-38814,https://securityvulnerability.io/vulnerability/CVE-2024-38814,VMware HCX Authenticated SQL Injection Vulnerability,"The article discusses a high-severity SQL injection vulnerability in VMware HCX, tracked as CVE-2024-38814, which allows non-admin users to execute remote code on the HCX manager. The vulnerability was privately reported to VMware, impacting multiple versions of the HCX platform. An authenticated user with non-admin rights could exploit the flaw and execute unauthorized remote code on the HCX manager. The article also mentions that updates are available to remediate this vulnerability in affected VMware products.",VMware,Vmware Hcx,8.8,HIGH,0.0006900000153109431,false,true,false,true,,false,false,2024-10-16T17:15:00.000Z,0
CVE-2024-38812,https://securityvulnerability.io/vulnerability/CVE-2024-38812,vCenter Server Heap Overflow Vulnerability,"A heap-overflow vulnerability exists in the vCenter Server's implementation of the DCERPC protocol, allowing a remote attacker with network access to exploit this weakness. By sending a specially crafted network packet, the attacker may be able to execute arbitrary code on the affected system. This vulnerability poses a significant risk, as it could lead to unauthorized access or control over the system, highlighting the importance of maintaining robust network security practices and applying updates promptly.",VMware,"Vmware Vcenter Server,Vmware Cloud Foundation",9.8,CRITICAL,0.0041600000113248825,true,true,false,true,true,true,true,2024-09-17T18:15:00.000Z,6630
CVE-2024-22245,https://securityvulnerability.io/vulnerability/CVE-2024-22245,Arbitrary Authentication Relay and Session Hijack Vulnerabilities in VMware EAP,"The VMware Enhanced Authentication Plug-in is susceptible to vulnerabilities that enable arbitrary authentication relay and session hijacking. This condition can be exploited by malicious actors who successfully trick a target domain user, with the plug-in installed in their web browser, into requesting service tickets associated with arbitrary Active Directory Service Principal Names (SPNs). Such an attack could potentially allow unauthorized access to sensitive services and data, thereby compromising the integrity of the affected Active Directory environment. Organizations utilizing this plug-in are advised to implement appropriate security measures and consider upgrading to secure alternatives.",Vmware,Vmware Enhanced Authentication Plug-in (eap),9.6,CRITICAL,0.0004299999854993075,false,true,false,true,,true,false,2024-02-20T17:35:09.051Z,5329
CVE-2024-22263,https://securityvulnerability.io/vulnerability/CVE-2024-22263,Malicious File Write Vulnerability in Skipper Server,"The vulnerability allows a malicious user with access to the Skipper server API of Spring Cloud Data Flow to exploit improper sanitization of upload paths. This can lead to crafted upload requests that write arbitrary files to any location in the file system, potentially compromising the integrity of the server and exposing sensitive data.",Spring By Vmware Tanzu,Spring Cloud Skipper,8.8,HIGH,0.0004299999854993075,false,false,false,true,true,false,false,2024-06-19T14:48:10.644Z,0
CVE-2024-22252,https://securityvulnerability.io/vulnerability/CVE-2024-22252,Use-after-free vulnerability,"VMware ESXi, Workstation, and Fusion exhibit a use-after-free vulnerability associated with the XHCI USB controller. This threat arises from the ability of a malicious actor who has local administrative privileges on a virtual machine to exploit this vulnerability, potentially leading to code execution as the virtual machine's VMX process on the host. While exploitation on ESXi remains within the VMX sandbox, vulnerabilities in Workstation and Fusion may enable code execution on the host machines. Administrators should prioritize patching to mitigate potential security risks.",VMWare,"Vmware Esxi,Vmware Workstation,Vmware Fusion,Vmware Cloud Foundation",9.3,CRITICAL,0.0004299999854993075,false,true,false,true,,true,false,2024-03-05T17:57:22.043Z,3285
CVE-2024-37081,https://securityvulnerability.io/vulnerability/CVE-2024-37081,VMware vCenter Server Local Privilege Escalation Vulnerabilities,"The CVE-2024-37081 vulnerability in VMware vCenter Server allows an authenticated local user with non-administrative privileges to elevate privileges to root on the vCenter Server Appliance. This is a local privilege escalation vulnerability due to misconfiguration of sudo. The potential impact of this vulnerability is significant, as it can allow unauthorized elevation of privileges on the vCenter Server. The vendor affected by this vulnerability is VMware. There are no known exploits of this vulnerability by ransomware groups at this time.",VMware,"Vmware Vcenter Server,Vmware Cloud Foundation",7.8,HIGH,0.00279000005684793,false,true,false,true,true,false,false,2024-06-18T05:43:20.580Z,0
CVE-2024-22275,https://securityvulnerability.io/vulnerability/CVE-2024-22275,vCenter Server Partial File Read Vulnerability,"The vCenter Server contains a vulnerability that allows a malicious actor, with administrative privileges on the vCenter appliance shell, to exploit a partial file read issue. This exploitation could enable the attacker to read arbitrary files that may contain sensitive information, posing a significant risk to the confidentiality of critical data managed within the vCenter environment.",VMware,"Vmware Vcenter Server,Vmware Cloud Foundation (vcenter Server)",4.9,MEDIUM,0.0004299999854993075,false,false,false,true,true,false,false,2024-05-21T17:29:45.562Z,0
CVE-2024-22274,https://securityvulnerability.io/vulnerability/CVE-2024-22274,VMware vCenter Server Remote Code Execution Vulnerability,"The vulnerability identified as CVE-2024-22274 affects VMware vCenter Server and allows a malicious actor with administrative privileges to run arbitrary commands on the underlying operating system. The vulnerability has been exploited and a proof-of-concept (PoC) exploit has been released, potentially allowing remote code execution. This poses a serious risk as it can give attackers full control of the affected system. The vulnerability affects specific API components and arbitrary commands can be executed with root privileges. VMware has recommended applying updates to the affected deployments and emphasizes the importance of maintaining up-to-date security measures in virtualization environments. Currently, no workarounds are available, and organizations are urged to assess their systems and apply the necessary updates to mitigate the risk of potential exploitation.",VMware,"Vmware Vcenter Server,Vmware Cloud Foundation (vcenter Server)",7.2,HIGH,0.0004299999854993075,false,true,false,true,true,false,false,2024-05-21T17:29:33.899Z,0
CVE-2024-37085,https://securityvulnerability.io/vulnerability/CVE-2024-37085,VMware ESXi Authentication Bypass Vulnerability,"VMware ESXi is susceptible to a critical authentication bypass vulnerability that enables a malicious actor with appropriate Active Directory permissions to gain unauthorized access to the ESXi host. This situation arises when the 'ESXi Admins' AD group, used for user management, is deleted from Active Directory and subsequently recreated by the attacker. Restoring this group allows elevated access rights, compromising the integrity of the host and potentially exposing sensitive information and functionalities. Administrators are advised to review access control measures and implement best practices to mitigate the risk associated with this vulnerability.",VMware,"Vmware Esxi,Vmware Cloud Foundation",7.2,HIGH,0.010470000095665455,true,true,true,true,true,true,true,2024-06-25T14:16:01.280Z,65164
CVE-2024-37080,https://securityvulnerability.io/vulnerability/CVE-2024-37080,vCenter Server Heap Overflow Vulnerability,"VMware vCenter Server is susceptible to a heap overflow vulnerability associated with the DCERPC protocol implementation. Malicious actors with network access can exploit this flaw by sending a specially crafted network packet. This breach may result in remote code execution, granting unauthorized access and control over affected systems. Organizations utilizing vCenter Server should prioritize applying patches and updates to mitigate potential risks.",VMware,"Vmware Vcenter Server,Vmware Cloud Foundation",9.8,CRITICAL,0.0009299999801442027,false,true,false,true,,false,false,2024-06-18T05:43:10.901Z,0