cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-34059,https://securityvulnerability.io/vulnerability/CVE-2023-34059,File Descriptor Hijack Vulnerability in Open-vm-tools by VMware,"The open-vm-tools package contains a potential vulnerability within the vmware-user-suid-wrapper component. A threat actor with non-root privileges may exploit this vulnerability to intercept and manipulate the /dev/uinput file descriptor, thereby simulating user inputs. This could lead to malicious control over the host environment, allowing unauthorized actions and user impersonations.",Vmware,Open-vm-tools,7.4,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-10-27T05:15:00.000Z,0
CVE-2023-34058,https://securityvulnerability.io/vulnerability/CVE-2023-34058,SAML Token Signature Bypass in VMware Tools,"VMware Tools has a vulnerability that allows a malicious actor with granted Guest Operation Privileges in a virtual machine to potentially elevate their privileges. This occurs when the virtual machine has been assigned a more privileged Guest Alias, creating an opportunity for unauthorized access to sensitive resources within the virtual environment.",Vmware,"VMware Tools,open-vm-tools",7.5,HIGH,0.001290000043809414,false,,false,false,false,,,false,false,,2023-10-27T05:15:00.000Z,0
CVE-2023-20900,https://securityvulnerability.io/vulnerability/CVE-2023-20900,Privilege Escalation Vulnerability in VMware vSphere Affecting Guest Operations,"A vulnerability exists within VMware vSphere that allows a malicious actor with Guest Operation Privileges in a virtual machine to potentially elevate their privileges. This issue arises when the virtual machine has been assigned a more privileged Guest Alias, enabling unauthorized access to higher-level operations and potentially compromising the integrity of the host and other guest instances.",Vmware,"VMware Tools,VMware Tools (open-vm-tools)",7.5,HIGH,0.0017000000225380063,false,,false,false,false,,,false,false,,2023-08-31T10:15:00.000Z,0
CVE-2009-1142,https://securityvulnerability.io/vulnerability/CVE-2009-1142,Privilege Escalation Vulnerability in open-vm-tools by VMware,"A vulnerability in open-vm-tools allows local users to exploit a symlink attack against /tmp files. If the vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled, attackers can escalate privileges, potentially compromising system security. This vulnerability highlights the need for secure configurations and timely updates to prevent unauthorized access.",Vmware,Open Vm Tools,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-11-23T00:00:00.000Z,0
CVE-2009-1143,https://securityvulnerability.io/vulnerability/CVE-2009-1143,Local Access Control Bypass in Open-VM-Tools by VMware,"A vulnerability was discovered in open-vm-tools that allows local users to bypass intended access restrictions when mounting shares. This issue arises from a symlink attack exploiting a race condition in the realpath function within mount.vmhgfs, commonly referred to as hgfsmounter. As a result, unauthorized users may gain access to restricted file paths, which can lead to potential data breaches.",Vmware,Open-vm-tools,7,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2022-11-23T00:00:00.000Z,0
CVE-2011-1681,https://securityvulnerability.io/vulnerability/CVE-2011-1681,,"vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka open-vm-tools) 8.4.2-261024 and earlier attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to trigger corruption of this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089.",Vmware,Open-vm-tools,,,0.0005200000014156103,false,,false,false,false,,,false,false,,2011-04-10T01:29:00.000Z,0