vmware
950 tracked vulnerabilities.
CVE-2022-22964
HIGH
VMware Horizon < 2203 - Local Privilege Escalation via Configuration File
Apr 11, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-22962
HIGH
VMware Horizon < 2203 - Local Privilege Escalation via Symbolic Link Manipulation
Apr 11, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-22954
CRITICAL
KEVNUCLEI
VMware Workspace ONE Access CVE-2022-22954
Apr 11, 2022
CVSS 9.8
EPSS 0.94
CVE-2022-22965
CRITICAL
KEVNUCLEI
Spring Framework - Remote Code Execution via Data Binding
Apr 01, 2022
CVSS 9.8
EPSS 0.94
CVE-2022-22963
CRITICAL
KEVNUCLEI
Spring Cloud Function < 3.1.6 - Remote Code Execution via SpEL Routing Expression
Apr 01, 2022
CVSS 9.8
EPSS 0.94
CVE-2022-22950
MEDIUM
Spring Framework 5.3.0-5.3.16 - Denial of Service via SpEL Expression
Apr 01, 2022
CVSS 6.5
EPSS 0.04
CVE-2022-27772
HIGH
Spring Boot < 2.2.11 - Temporary Directory Hijacking in AbstractConfigurableWebServerFactory
Mar 30, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-22948
MEDIUM
KEV
VMware Cloud Foundation 3.0-3.10 - Information Disclosure via Improper File Permissions
Mar 29, 2022
CVSS 6.5
EPSS 0.26
CVE-2022-22952
CRITICAL
VMware Carbon Black App Control < 8.5.14/8.6.6/8.7.4/8.8.2 - Authenticated RCE via File Upload
Mar 23, 2022
CVSS 9.1
EPSS 0.01
CVE-2022-22951
CRITICAL
VMware Carbon Black App Control 8.5-8.8.1 - Authenticated RCE via Input Validation
Mar 23, 2022
CVSS 9.1
EPSS 0.03
CVE-2022-22946
MEDIUM
Spring Cloud Gateway - Improper Certificate Validation
Mar 04, 2022
CVSS 5.5
EPSS 0.01
CVE-2022-22947
CRITICAL
KEVNUCLEI
Spring Cloud Gateway Remote Code Execution
Mar 03, 2022
CVSS 10.0
EPSS 0.94
CVE-2022-22943
MEDIUM
VMware Tools 10.0.0-11.x.y - Uncontrolled Search Path Element
Mar 03, 2022
CVSS 6.7
EPSS 0.00
CVE-2022-22944
MEDIUM
VMware Workspace ONE Boxer < 22.02 - Stored Cross-Site Scripting in Calendar Event Descriptions
Mar 02, 2022
CVSS 5.4
EPSS 0.00
CVE-2022-22945
HIGH
VMware Cloud Foundation 3.0-3.10 and NSX Data Center < 6.4.13 - Authenticated OS Command Injection via CLI
Feb 16, 2022
CVSS 7.8
EPSS 0.00
CVE-2022-22939
MEDIUM
VMware Cloud Foundation 3.0-3.10.2.2 - Credential Disclosure in SDDC Manager Log Files
Feb 04, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-22938
MEDIUM
VMware Workstation 16.0.0-16.2.1 & Horizon Client 5.0.0-5.5.2 DoS via Cortado ThinPrint TTF Parser
Jan 28, 2022
CVSS 6.5
EPSS 0.00
CVE-2021-22055
MEDIUM
Vmware photon_os < 2022-02-16 - Log Injection via SchedulerServer Package Parameter
Apr 11, 2022
CVSS 5.3
EPSS 0.00
CVE-2021-22050
HIGH
VMware ESXi - Denial of Service via rhttpproxy Slow HTTP POST
Feb 16, 2022
CVSS 7.5
EPSS 0.01
CVE-2021-22043
HIGH
VMware ESXi - Privilege Escalation via TOCTOU Race Condition in Temporary File Handling
Feb 16, 2022
CVSS 7.5
EPSS 0.00
CVE-2021-22042
HIGH
VMware Cloud Foundation 4.0-4.3 - Unauthorized Access via VMX Authorization Ticket
Feb 16, 2022
CVSS 7.8
EPSS 0.00
CVE-2021-22041
MEDIUM
VMware ESXi, Workstation, and Fusion - RCE
Feb 16, 2022
CVSS 6.7
EPSS 0.00
CVE-2021-22040
MEDIUM
VMware ESXi, Workstation, and Fusion - Use-After-Free in XHCI USB Controller
Feb 16, 2022
CVSS 6.7
EPSS 0.00
CVE-2021-22060
MEDIUM
Spring Framework <5.3.13, <5.2.18 - Info Disclosure
Jan 10, 2022
CVSS 4.3
EPSS 0.00
CVE-2021-22045
HIGH
Vmware Cloud Foundation < 3.10.2.2 - Out-of-Bounds Write
Jan 04, 2022
CVSS 7.8
EPSS 0.00
Products
workstation 213
esxi 139
cloud_foundation 132
fusion 131
player 89
esx 86
vcenter_server 79
server 58
spring_framework 48
ace 44
identity_manager 28
workstation_pro 27
workstation_player 26
horizon_client 25
spring_security 24
Workstation 23
tools 22
vrealize_suite_lifecycle_manager 21
vrealize_automation 20
spring_boot 18
vrealize_operations 18
ESXi 16
vmware_workstation 15
vrealize_log_insight 15
workspace_one_access 15
horizon_view 14
spring_ai 14
vcenter_server_appliance 14
Fusion 13
aria_operations 13
Quick Filters