Calenderweek 43

VMware Tools vulnerability enables privilege escalation

Two critical vulnerabilities have been identified in VMware Tools and labeled CVE-2023-34057 and CVE-2023-34058. These vulnerabilities are related to local privilege escalation and SAML token signature bypass. These vulnerabilities have a high severity rating of 7.5 (High) and 7.8 (High) respectively. One of these vulnerabilities was identified in macOS systems. VMware has taken immediate action …

VMware Tools vulnerability enables privilege escalation Read More »

PoC exploits for Critix and VMware vulnerability published

VMware, a provider of virtualization services, has notified its customers of the discovery of a proof-of-concept (PoC) exploit for a recently patched vulnerability in Aria Operations for Logs. This high severity vulnerability, identified as CVE-2023-34051 with a CVSS score of 8.1, involves an authentication bypass that could potentially lead to remote code execution. According to …

PoC exploits for Critix and VMware vulnerability published Read More »

DDoS attack exploits HTTP/2 rapid reset vulnerability

Cloudflare announced Thursday that it has successfully mitigated thousands of high-volume HTTP distributed denial-of-service (DDoS) attacks that exploited a recently disclosed vulnerability called HTTP/2 Rapid Reset. Among these attacks, 89 exceeded the 100 million requests per second (RPS) mark. In a report shared with The Hacker News, the web infrastructure and security company stated, “The …

DDoS attack exploits HTTP/2 rapid reset vulnerability Read More »

Scroll to Top