vmware
950 tracked vulnerabilities.
CVE-2021-21994
CRITICAL
VMware ESXi - Authentication Bypass via SFCB Request
Jul 13, 2021
CVSS 9.8
EPSS 0.00
CVE-2021-22119
HIGH
Spring Security 5.2.0-5.2.10, 5.3.0-5.3.9, 5.4.0-5.4.6, 5.5.0 - Denial of Service via OAuth 2.0 Authorization Request
Jun 29, 2021
CVSS 7.5
EPSS 0.05
CVE-2021-32719
LOW
RabbitMQ < 3.8.18 - Authenticated Stored Cross-Site Scripting in Federation Link Consumer Tag
Jun 28, 2021
CVSS 3.1
EPSS 0.00
CVE-2021-32718
LOW
RabbitMQ < 3.8.17 - Authenticated Stored Cross-Site Scripting via User Management UI
Jun 28, 2021
CVSS 3.1
EPSS 0.00
CVE-2021-21999
HIGH
VMware Tools < 11.2.6, Remote Console < 12.0.1, App Volumes < 2.18.10 - Local Privilege Escalation
Jun 23, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-21998
CRITICAL
VMware Carbon Black App Control 8.0-8.1, 8.5-8.5.8, 8.6-8.6.2 - Unauthenticated Authentication Bypass
Jun 23, 2021
CVSS 9.8
EPSS 0.00
CVE-2021-21997
MEDIUM
VMware Tools for Windows <11.3.0 - DoS
Jun 18, 2021
CVSS 5.5
EPSS 0.00
CVE-2021-22116
HIGH
RabbitMQ < 3.8.16 - Denial of Service via AMQP 1.0 Client Connection Endpoint
Jun 08, 2021
CVSS 7.5
EPSS 0.01
CVE-2021-22118
HIGH
Spring Framework 5.2.0-5.2.14 - Authenticated Privilege Escalation via WebFlux Temporary Storage Directory
May 27, 2021
CVSS 7.8
EPSS 0.00
CVE-2021-21986
CRITICAL
VMware vCenter Server - Unauthenticated Access via vSphere Plugin Authentication Bypass
May 26, 2021
CVSS 9.8
EPSS 0.01
CVE-2021-21985
CRITICAL
KEVNUCLEI
VMware vCenter Server - Remote Code Execution via Virtual SAN Health Check Plugin
May 26, 2021
CVSS 9.8
EPSS 0.94
CVE-2021-21989
MEDIUM
VMware Workstation 16.0.0-16.1.1 and Horizon Client 5.0.0-5.5.1 - Out-of-bounds Read in Cortado ThinPrint TTC Parser
May 24, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-21988
MEDIUM
VMware Workstation 16.0.0-16.1.1 & Horizon Client 5.0.0-5.5.1 - Out-of-bounds Read in JPEG2000 Parser
May 24, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-21987
MEDIUM
VMware Workstation 16.0.0-16.1.1 and Horizon Client 5.0.0-5.5.1 - Out-of-bounds Read in Cortado ThinPrint TTC Parser
May 24, 2021
CVSS 6.5
EPSS 0.00
CVE-2021-21990
MEDIUM
VMware Workspace ONE UEM 19.0.0.0-19.12.0.24 - Cross-Site Scripting via Device Enrollment Request
May 11, 2021
CVSS 6.1
EPSS 0.01
CVE-2021-21984
CRITICAL
VMware vRealize Business for Cloud 7.0-7.5.x - Unauthenticated Remote Code Execution via Unauthorized Endpoint
May 07, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-21982
CRITICAL
VMware Carbon Black Cloud Workload < 1.0.1 - Authentication Bypass
Apr 01, 2021
CVSS 9.1
EPSS 0.00
CVE-2021-21983
MEDIUM
vRealize Operations Manager <8.4 - Privilege Escalation
Mar 31, 2021
CVSS 6.5
EPSS 0.83
CVE-2021-21975
HIGH
KEVNUCLEI
VMware vRealize Operations Manager < 8.4 - Server-Side Request Forgery via API
Mar 31, 2021
CVSS 7.5
EPSS 0.94
CVE-2021-26987
CRITICAL
Spring Boot < 1.3.2 - Remote Code Execution
Mar 15, 2021
CVSS 9.8
EPSS 0.02
CVE-2021-21978
CRITICAL
NUCLEI
VMware View Planner 4.0-4.5 - Unauthenticated Remote Code Execution via Logupload Arbitrary File Upload
Mar 03, 2021
CVSS 9.8
EPSS 0.90
CVE-2021-22114
MEDIUM
Spring Integration Zip < 1.0.4 - Arbitrary File Write via Path Traversal in Archive Extraction
Mar 01, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-21974
HIGH
VMware ESXi Remote Code Execution via OpenSLP Heap Overflow
Feb 24, 2021
CVSS 8.8
EPSS 0.56
CVE-2021-21973
MEDIUM
KEVNUCLEI
VMware vCenter Server and Cloud Foundation - Server-Side Request Forgery via vSphere Client Plugin
Feb 24, 2021
CVSS 5.3
EPSS 0.90
CVE-2021-21972
CRITICAL
KEVNUCLEI
VMware vCenter Server and Cloud Foundation - Remote Code Execution via vSphere Client Plugin
Feb 24, 2021
CVSS 9.8
EPSS 0.94
Products
workstation 213
esxi 139
cloud_foundation 132
fusion 131
player 89
esx 86
vcenter_server 79
server 58
spring_framework 48
ace 44
identity_manager 28
workstation_pro 27
workstation_player 26
horizon_client 25
spring_security 24
Workstation 23
tools 22
vrealize_suite_lifecycle_manager 21
vrealize_automation 20
spring_boot 18
vrealize_operations 18
ESXi 16
vmware_workstation 15
vrealize_log_insight 15
workspace_one_access 15
horizon_view 14
spring_ai 14
vcenter_server_appliance 14
Fusion 13
aria_operations 13
Quick Filters