cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2024-37085,https://securityvulnerability.io/vulnerability/CVE-2024-37085,VMware ESXi Authentication Bypass Vulnerability,"VMware ESXi is susceptible to a critical authentication bypass vulnerability that enables a malicious actor with appropriate Active Directory permissions to gain unauthorized access to the ESXi host. This situation arises when the 'ESXi Admins' AD group, used for user management, is deleted from Active Directory and subsequently recreated by the attacker. Restoring this group allows elevated access rights, compromising the integrity of the host and potentially exposing sensitive information and functionalities. Administrators are advised to review access control measures and implement best practices to mitigate the risk associated with this vulnerability.",VMware,"Vmware Esxi,Vmware Cloud Foundation",7.2,HIGH,0.010470000095665455,true,true,true,true,true,true,true,2024-06-25T14:16:01.280Z,65164
CVE-2024-38812,https://securityvulnerability.io/vulnerability/CVE-2024-38812,vCenter Server Heap Overflow Vulnerability,"A heap-overflow vulnerability exists in the vCenter Server's implementation of the DCERPC protocol, allowing a remote attacker with network access to exploit this weakness. By sending a specially crafted network packet, the attacker may be able to execute arbitrary code on the affected system. This vulnerability poses a significant risk, as it could lead to unauthorized access or control over the system, highlighting the importance of maintaining robust network security practices and applying updates promptly.",VMware,"Vmware Vcenter Server,Vmware Cloud Foundation",9.8,CRITICAL,0.0041600000113248825,true,true,false,true,true,true,true,2024-09-17T18:15:00.000Z,6630
CVE-2024-37079,https://securityvulnerability.io/vulnerability/CVE-2024-37079,vCenter Server Heap Overflow Vulnerability,"vCenter Server is impacted by a heap-overflow vulnerability within its DCERPC protocol implementation. This flaw allows an attacker with network access to exploit the vulnerability by delivering specially crafted network packets. If executed successfully, this exploitation could lead to unauthorized remote code execution, posing severe risks to system integrity and confidentiality. It is critical for organizations using affected versions of vCenter Server to implement appropriate security measures to mitigate potential threats stemming from this vulnerability.",VMware,"Vmware Vcenter Server,Vmware Cloud Foundation",9.8,CRITICAL,0.0009299999801442027,false,true,false,false,,true,false,2024-06-18T05:43:06.619Z,6722
CVE-2024-22252,https://securityvulnerability.io/vulnerability/CVE-2024-22252,Use-after-free vulnerability,"VMware ESXi, Workstation, and Fusion exhibit a use-after-free vulnerability associated with the XHCI USB controller. This threat arises from the ability of a malicious actor who has local administrative privileges on a virtual machine to exploit this vulnerability, potentially leading to code execution as the virtual machine's VMX process on the host. While exploitation on ESXi remains within the VMX sandbox, vulnerabilities in Workstation and Fusion may enable code execution on the host machines. Administrators should prioritize patching to mitigate potential security risks.",VMWare,"Vmware Esxi,Vmware Workstation,Vmware Fusion,Vmware Cloud Foundation",9.3,CRITICAL,0.0004299999854993075,false,true,false,true,,true,false,2024-03-05T17:57:22.043Z,3285
CVE-2024-22245,https://securityvulnerability.io/vulnerability/CVE-2024-22245,Arbitrary Authentication Relay and Session Hijack Vulnerabilities in VMware EAP,"The VMware Enhanced Authentication Plug-in is susceptible to vulnerabilities that enable arbitrary authentication relay and session hijacking. This condition can be exploited by malicious actors who successfully trick a target domain user, with the plug-in installed in their web browser, into requesting service tickets associated with arbitrary Active Directory Service Principal Names (SPNs). Such an attack could potentially allow unauthorized access to sensitive services and data, thereby compromising the integrity of the affected Active Directory environment. Organizations utilizing this plug-in are advised to implement appropriate security measures and consider upgrading to secure alternatives.",Vmware,Vmware Enhanced Authentication Plug-in (eap),9.6,CRITICAL,0.0004299999854993075,false,true,false,true,,true,false,2024-02-20T17:35:09.051Z,5329