cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-34059,https://securityvulnerability.io/vulnerability/CVE-2023-34059,File Descriptor Hijack Vulnerability in Open-vm-tools by VMware,"The open-vm-tools package contains a potential vulnerability within the vmware-user-suid-wrapper component. A threat actor with non-root privileges may exploit this vulnerability to intercept and manipulate the /dev/uinput file descriptor, thereby simulating user inputs. This could lead to malicious control over the host environment, allowing unauthorized actions and user impersonations.",Vmware,open-vm-tools,7,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2023-10-27T05:15:00.000Z,0
CVE-2023-34058,https://securityvulnerability.io/vulnerability/CVE-2023-34058,SAML Token Signature Bypass in VMware Tools,"VMware Tools has a vulnerability that allows a malicious actor with granted Guest Operation Privileges in a virtual machine to potentially elevate their privileges. This occurs when the virtual machine has been assigned a more privileged Guest Alias, creating an opportunity for unauthorized access to sensitive resources within the virtual environment.",Vmware,"VMware Tools,open-vm-tools",7.5,HIGH,0.0009899999713525176,false,false,false,false,,false,false,2023-10-27T05:15:00.000Z,0
CVE-2023-20900,https://securityvulnerability.io/vulnerability/CVE-2023-20900,Privilege Escalation Vulnerability in VMware vSphere Affecting Guest Operations,"A vulnerability exists within VMware vSphere that allows a malicious actor with Guest Operation Privileges in a virtual machine to potentially elevate their privileges. This issue arises when the virtual machine has been assigned a more privileged Guest Alias, enabling unauthorized access to higher-level operations and potentially compromising the integrity of the host and other guest instances.",Vmware,"VMware Tools,VMware Tools (open-vm-tools)",7.5,HIGH,0.0014299999456852674,false,false,false,false,,false,false,2023-08-31T10:15:00.000Z,0
CVE-2009-1143,https://securityvulnerability.io/vulnerability/CVE-2009-1143,,An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs (aka hgfsmounter).,Vmware,Open-vm-tools,7,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2022-11-23T00:00:00.000Z,0
CVE-2009-1142,https://securityvulnerability.io/vulnerability/CVE-2009-1142,,An issue was discovered in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled.,Vmware,Open Vm Tools,6.7,MEDIUM,0.0004199999966658652,false,false,false,false,,false,false,2022-11-23T00:00:00.000Z,0
CVE-2011-1681,https://securityvulnerability.io/vulnerability/CVE-2011-1681,,"vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka open-vm-tools) 8.4.2-261024 and earlier attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to trigger corruption of this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.",Vmware,Open-vm-tools,,,0.0005200000014156103,false,false,false,false,,false,false,2011-04-10T01:29:00.000Z,0