Search Blog Stats Labs

Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits

About

About Exploit Intel About Exploit Forge Privacy Policy

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Color Theme

Search Blog Statistics Labs Tools EIP CLI Search Tool EIP MCP Server EIP REST API API Rate Limits About About Exploit Forge Privacy

Exploit Database Researchers CWE Categories Vendors Ecosystems

RSS Feeds

Blog Posts Recent CVEs CVEs with Exploits CISA KEV

Follow:

Theme:

Home / Vendors / vmware

vmware

950 tracked vulnerabilities.

CVE-2021-22057 HIGH

VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 - Authentication Bypass

CVE-2021-22056 HIGH

VMware Workspace ONE Access and Identity Manager - Server-Side Request Forgery

CVE-2021-22054 HIGH KEVNUCLEI

VMware Workspace ONE UEM Console SSRF (20.0.8-20.0.8.36, 20.11.0-20.11.0.39, 21.2.0-21.2.0.26, 21.5.0-21.5.0.36)

CVE-2021-22095 MEDIUM

Spring AMQP 2.2.0-2.2.19 and 2.3.0-2.3.11 - Denial of Service via Large Message Body Deserialization

CVE-2021-22049 CRITICAL

VMware vCenter Server - Server-Side Request Forgery in vSAN Web Client Plugin

CVE-2021-21980 HIGH

vSphere Web Client - Info Disclosure

CVE-2021-22053 HIGH NUCLEI

Spring Cloud Netflix Hystrix Dashboard - Remote Code Execution via Request URI Path SpringEL Injection

CVE-2021-22048 HIGH

VMware Cloud Foundation >=3.0 <3.10.2.2 - Privilege Escalation via IWA Authentication Mechanism

CVE-2021-22051 MEDIUM

Spring Cloud Gateway < 2.2.10 and 3.0.0-3.0.5 - Incorrect Authorization

CVE-2021-22038 HIGH

Windows Uninstaller - Privilege Escalation

CVE-2021-22037 HIGH

VMware InstallBuilder < 21.6.0 - Path Interception by Search Order Hijacking via reg.exe Command

CVE-2021-22097 MEDIUM

Spring AMQP 2.2.0-2.2.18 and 2.3.0-2.3.10 - Denial of Service via Malicious Dictionary Deserialization

CVE-2021-22096 MEDIUM

Spring Framework <5.3.11-<5.2.18 - Info Disclosure

CVE-2021-22047 MEDIUM

Spring Data REST 3.4.0-3.4.13 and 3.5.0-3.5.5 - Exposure of Sensitive Information via Unauthorized URI Access

CVE-2021-22044 HIGH

Spring Cloud OpenFeign 2.2.0-2.2.9 and 3.0.0-3.0.4 - Unintended Endpoint Exposure via Type-Level RequestMapping

CVE-2021-22034 HIGH

VMware vRealize Operations Tenant App < 8.6 - Information Disclosure

CVE-2021-22036 MEDIUM

VMware vRealize Orchestrator 8.0-8.5 - Open Redirect and Sensitive Information Exposure via Improper Path Handling

CVE-2021-22035 MEDIUM

VMware vRealize Log Insight 8.0.0-8.5.0 - Authenticated CSV Injection via Interactive Analytics Export

CVE-2021-22033 LOW

VMware vRealize Operations < 8.6.0 - Server-Side Request Forgery

CVE-2021-22020 MEDIUM

VMware Cloud Foundation >=3.0 <3.10.2.2 - Denial of Service in Analytics Service

CVE-2021-22019 HIGH

VMware Cloud Foundation >=3.0 <3.10.2.2 - Denial of Service via VAPI JSONRPC Message

CVE-2021-22018 MEDIUM

VMware Cloud Foundation 4.0-4.3.0 - Arbitrary File Deletion in vSphere Life-cycle Manager Plug-in

CVE-2021-22017 MEDIUM KEVNUCLEI

VMware vCenter Server - Server-Side Request Forgery via URI Normalization Bypass

CVE-2021-22016 MEDIUM

VMware Cloud Foundation 3.0-5.0 and vCenter Server - Reflected Cross-Site Scripting

CVE-2021-22015 HIGH

VMware Cloud Foundation 3.0-5.0 and vCenter Server - Local Privilege Escalation via Improper File Permissions

Previous Page 14 of 38 Next

Products

workstation 213 esxi 139 cloud_foundation 132 fusion 131 player 89 esx 86 vcenter_server 79 server 58 spring_framework 48 ace 44 identity_manager 28 workstation_pro 27 workstation_player 26 horizon_client 25 spring_security 24 Workstation 23 tools 22 vrealize_suite_lifecycle_manager 21 vrealize_automation 20 spring_boot 18 vrealize_operations 18 ESXi 16 vmware_workstation 15 vrealize_log_insight 15 workspace_one_access 15 horizon_view 14 spring_ai 14 vcenter_server_appliance 14 Fusion 13 aria_operations 13

Quick Filters

Critical CVEs With Exploits In CISA KEV

Exploit Intelligence Platform

Blog Stats Labs Exploits Researchers CWE Ecosystems CLI MCP API Limits About Privacy