| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
Deploy autonomous AI agents that reason, exploit, and validate complex vulnerability chains — not another scanner, an agentic system that thinks like a senior pentester.
Known vulnerabilities affecting Vmware products and systems
| CVE ID | Description | CVSS | Priority | Trend | Exploit | Patch |
|---|---|---|---|---|---|---|
| CVE-2023-6516 | To keep its cache database efficient, `named` running as a recursive resolver occasionally attempts to clean up the database. It uses several methods, including some that are asynchronous: a small chu... | 7.5 | 386 | Neutral | No |
| Yes |
| CVE-2023-5680 | If a resolver cache has a very large number of ECS records stored for the same name, the process of cleaning the cache database node for this name can significantly impair query performance. This iss... | 5.3 | 124 | Neutral | No | Yes |
| CVE-2023-5679 | A bad interaction between DNS64 and serve-stale may cause `named` to crash with an assertion failure during recursive resolution, when both of these features are enabled. This issue affects BIND 9 ver... | 7.5 | 386 | Neutral | No | Yes |
| CVE-2023-5517 | A flaw in query-handling code can cause `named` to exit prematurely with an assertion failure when: - `nxdomain-redirect <domain>;` is configured, and - the resolver receives a PTR query for an R... | 7.5 | 386 | Neutral | No | Yes |
| CVE-2023-52433 | netfilter: nft_set_rbtree: skip sync GC for new elements in this transaction New elements in this transaction might expired before such transaction ends. Skip sync GC for such elements otherwise comm... | 4.4 | 90 | Neutral | No | Yes |
| CVE-2023-5178 | A use-after-free vulnerability was found in drivers/nvme/target/tcp.c` in `nvmet_tcp_free_crypto` due to a logical bug in the NVMe-oF/TCP subsystem in the Linux kernel. This issue may allow a maliciou... | 8.8 | 775 | Neutral | Yes | Yes |
| CVE-2023-50868 | The Closest Encloser Proof aspect of the DNS protocol (in RFC 5155 when RFC 9276 guidance is skipped) allows remote attackers to cause a denial of service (CPU consumption for SHA-1 computations) via ... | 7.5 | 526 | Neutral | Yes | Yes |
| CVE-2023-4863 | Heap buffer overflow in libwebp allow a remote attacker to perform an out of bounds memory write via a crafted HTML page. | 8.8 | 999 | Viral | Yes | Yes |
| CVE-2023-4813 | A flaw was found in glibc. In an uncommon situation, the gaih_inet function may use memory that has been freed, resulting in an application crash. This issue is only exploitable when the getaddrinfo f... | 5.9 | 385 | Neutral | Yes | Yes |
| CVE-2023-46120 | ### Summary `maxBodyLebgth` was not used when receiving Message objects. Attackers could just send a very large Message causing a memory overflow and triggering an OOM Error. ### PoC #### RbbitMQ * ... | 7.5 | 386 | Neutral | No | Yes |
| CVE-2023-46118 | No description available | 4.9 | 97 | Neutral | No | Yes |
| CVE-2023-45862 | An issue was discovered in drivers/usb/storage/ene_ub6250.c for the ENE UB6250 reader driver in the Linux kernel before 6.2.5. An object could potentially extend beyond the end of an allocation. | 5.5 | 125 | Neutral | No | Yes |
| CVE-2023-44794 | An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload to the URL. | 9.8 | 631 | Neutral | No | Yes |
| CVE-2023-40745 | LibTIFF is vulnerable to an integer overflow. This flaw allows remote attackers to cause a denial of service (application crash) or possibly execute an arbitrary code via a crafted tiff image, which t... | 6.5 | 209 | Neutral | No | Yes |
| CVE-2023-39250 | Dell Storage Integration Tools for VMware (DSITV) 06.01.00.016 contain an information disclosure vulnerability. A local low-privileged malicious user could potentially exploit this vulnerability to r... | 5.5 | 125 | Neutral | No | Yes |
| CVE-2023-38709 | Faulty input validation in the core of Apache allows malicious or exploitable backend/content generators to split HTTP responses. This issue affects Apache HTTP Server: through 2.4.58. | 7.3 | 450 | Neutral | Yes | Yes |
| CVE-2023-38545 | This flaw makes curl overflow a heap based buffer in the SOCKS5 proxy handshake. When curl is asked to pass along the host name to the SOCKS5 proxy to allow that to resolve the address instead of it ... | 9.8 | 857 | Trending | Yes | Yes |
| CVE-2023-36054 | lib/kadm5/kadm_rpc_xdr.c in MIT Kerberos 5 (aka krb5) before 1.20.2 and 1.21.x before 1.21.1 frees an uninitialized pointer. A remote authenticated user can trigger a kadmind crash. This occurs becaus... | 6.5 | 209 | Neutral | No | Yes |
| CVE-2023-35897 | IBM Spectrum Protect Client and IBM Storage Protect for Virtual Environments 8.1.0.0 through 8.1.19.0 could allow a local user to execute arbitrary code on the system using a specially crafted file, c... | 7.8 | 594 | Neutral | No | Yes |
| CVE-2023-34064 | Workspace ONE Launcher contains a Privilege Escalation Vulnerability. A malicious actor with physical access to Workspace ONE Launcher could utilize the Edge Panel feature to bypass setup to gain acce... | 4.6 | 109 | Neutral | No | Yes |