|
250451
|
8.1 |
HIGH
Network
|
vmware
|
spring_security
|
An issue was discovered in Pivotal Spring Security 4.2.0.RELEASE through 4.2.2.RELEASE, and Spring Security 5.0.0.M1. When configured to enable default typing, Jackson contained a deserialization vul…
|
CWE-502
Deserialization of Untrusted Data
|
CVE-2017-4995
|
2024-11-21 12:26 |
2017-11-27 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250452
|
7.8 |
HIGH
Local
|
vmware
|
workstation
|
VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. This issue may allow an attacker to load a DLL…
|
CWE-426
Untrusted Search Path
|
CVE-2017-4939
|
2024-11-21 12:26 |
2017-11-18 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250453
|
6.5 |
MEDIUM
Local
|
vmware
|
workstation
fusion
|
VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a guest RPC NULL pointer dereference vulnerability. Successful exploitation of this issue may allow attackers with normal…
|
CWE-476
NULL Pointer Dereference
|
CVE-2017-4938
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250454
|
7.8 |
HIGH
Local
|
vmware
|
workstation
horizon_view
|
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this m…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-4937
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250455
|
7.8 |
HIGH
Local
|
vmware
|
workstation
horizon_view
|
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this m…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-4936
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250456
|
8.8 |
HIGH
Local
|
vmware
|
workstation
fusion
|
VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a heap buffer-overflow vulnerability in VMNAT device. This issue may allow a guest to execute code on the host.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-4934
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250457
|
6.1 |
MEDIUM
Network
|
vmware
|
nsx_edge
|
VMware NSX Edge (6.2.x before 6.2.9 and 6.3.x before 6.3.5) contains a moderate Cross-Site Scripting (XSS) issue which may lead to information disclosure.
|
CWE-79
Cross-site Scripting
|
CVE-2017-4929
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250458
|
7.5 |
HIGH
Network
|
vmware
|
vcenter_server
|
The flash-based vSphere Web Client (6.0 prior to 6.0 U3c and 5.5 prior to 5.5 U3f) i.e. not the new HTML5-based vSphere Client, contains SSRF and CRLF injection issues due to improper neutralization …
|
CWE-352
CWE-918
Origin Validation Error
Server-Side Request Forgery (SSRF)
|
CVE-2017-4928
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250459
|
7.5 |
HIGH
Network
|
vmware
|
vcenter_server
|
VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) does not correctly handle specially crafted LDAP network packets which may allow for remote denial of service.
|
CWE-90
LDAP Injection
|
CVE-2017-4927
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250460
|
7.8 |
HIGH
Local
|
vmware
|
workstation
horizon_view
|
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds write vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this …
|
CWE-787
Out-of-bounds Write
|
CVE-2017-4935
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
