CVE Daily – VMware Photon (High+Critical)

[Critical] CVE-2023-34060 – VMware Cloud Director Appliance contains an authentication bypass vulnerability ...

Tue, 14 Nov 2023 21:15:09 +0000

Critical CVE-2023-34060

VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the appliance can bypass login restrictions when authenticating on port 22 (ssh) or port 5480 (appliance management console) . Thi…

CVSS: 9.8 · CWE: CWE-306

View on NVD

[High] CVE-2023-46055 – An issue in ThingNario Photon v.1.0 allows a remote attacker to execute arbitrar...

Sat, 21 Oct 2023 07:15:07 +0000

High CVE-2023-46055

An issue in ThingNario Photon v.1.0 allows a remote attacker to execute arbitrary code and escalate privileges via a crafted script to the ping function to the "thingnario Logger Maintenance Webpage" endpoint.

CVSS: 8.8 · CWE: CWE-94

View on NVD

[High] CVE-2004-1681 – Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, o...

Thu, 26 Aug 2004 04:00:00 +0000

High CVE-2004-1681

Multiple buffer overflows in (1) phrelay-cfg, (2) phlocale, (3) pkg-installer, or (4) input-cfg in QNX Photon microGUI for QNX RTP 6.1 allow local users to gain privileges via a long -s (server) command line parameter.

CVSS: 7.2 · CWE: N/A

View on NVD