Cloud - CVE CyberSecurity Database News (Page 19)

Mar 5, 2024 Exploit VMware Cloud Foundation

CVE-2024-22254 - Exploiting VMware ESXi’s Out-of-Bounds Write for VM Escape

In early 2024, VMware revealed CVE-2024-22254, a serious security hole in ESXi, VMware Workstation, and VMware Fusion. The flaw is an “out-of-bounds write” vulnerability in

Mar 3, 2024

CVE-2019-25210 - Exposing Secrets with Helm’s `--dry-run` Flag—What You Need to Know

In February 2021, a security issue surfaced in Helm, the de facto package manager for Kubernetes, tracked as CVE-2019-25210. The vulnerability affected all versions of

Feb 29, 2024 Exploit Ibm

CVE-2021-39090 - How a Missing HTTP Strict Transport Security Setting in IBM Cloud Pak for Security Leaked Sensitive Data

In 2021, a security flaw was discovered in IBM Cloud Pak for Security (CP4S), versions 1.10.. through 1.10.6.. This weakness, tracked as

Feb 29, 2024 API Ibm

CVE-2023-38367 - How Unauthenticated Attackers Can Control IBM Cloud Pak Foundational Services IdP (with Exploit Details)

In mid-2023, IBM disclosed a critical security issue—tracked as CVE-2023-38367—in its Cloud Pak Foundational Services Identity Provider (IdP) API. Affecting a range of

Feb 29, 2024 Windows Exploit Ibm Watson CloudPak for Data Data Stores

CVE-2023-27545 - How IBM Watson CloudPak for Data Data Stores Exposes Sensitive Data Locally

In March 2023, IBM disclosed a new security vulnerability in its flagship data platform, IBM Watson CloudPak for Data. Tracked as CVE-2023-27545, this flaw allows