vmware

950 tracked vulnerabilities.

CVE-2021-22112 HIGH
Spring Security <5.4.4-<5.3.8.RELEASE-<5.2.9.RELEASE - Privilege Es...
Feb 23, 2021
CVSS 8.8
EPSS 0.01
CVE-2021-22113 MEDIUM
Spring Cloud Netflix Zuul < 2.2.6 - Incorrect Authorization via Specially Constructed URLs
Feb 23, 2021
CVSS 5.3
EPSS 0.00
CVE-2021-21976 HIGH
vSphere Replication 6.5.0-6.5.1.5 - Authenticated Remote Code Execution via Command Injection
Feb 11, 2021
CVSS 7.2
EPSS 0.02
CVE-2020-3960 HIGH
VMware Fusion 11.0.0-11.5.4 and Workstation 15.0.0-15.5.4 - Out-of-bounds Read in NVMe Controller
Sep 15, 2021
CVSS 8.4
EPSS 0.00
CVE-2020-5428 MEDIUM
Spring Cloud Task <2.2.4.RELEASE - SQL Injection
Jan 27, 2021
CVSS 6.0
EPSS 0.00
CVE-2020-5427 HIGH
Spring Cloud Data Flow <2.6.5-2.5.4 - SQL Injection
Jan 27, 2021
CVSS 7.2
EPSS 0.01
CVE-2020-3999 MEDIUM
VMware Workstation 15.0.0-15.5.6 and Fusion 11.5.0-11.5.6 - Denial of Service via GuestInfo Input Validation
Dec 21, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-4008 LOW
VMware Carbon Black Cloud <3.5.1 - Local Privilege Escalation
Dec 16, 2020
CVSS 3.6
EPSS 0.00
CVE-2020-4003 MEDIUM
VMware SD-WAN Orchestrator 3.3.2-3.4.x < 3.4.4 and 4.0.x < 4.0.1 - Authenticated SQL Injection
Nov 24, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-4002 HIGH
SD-WAN Orchestrator <3.3.2 P3, <3.4.4, <4.0.1 - Privilege Escalation
Nov 24, 2020
CVSS 7.2
EPSS 0.01
CVE-2020-4001 CRITICAL
SD-WAN Orchestrator <4.0 - Default Password
Nov 24, 2020
CVSS 9.8
EPSS 0.10
CVE-2020-4000 HIGH
VMware SD-WAN Orchestrator < 3.3.2 P3, 3.4.x < 3.4.4, 4.0.x < 4.0.1 - Authenticated Path Traversal and Code Execution
Nov 24, 2020
CVSS 8.8
EPSS 0.30
CVE-2020-3985 HIGH
VMware SD-WAN Orchestrator 3.3.2-3.4.3 - Authenticated Privilege Escalation via API
Nov 24, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-3984 MEDIUM
VMware SD-WAN Orchestrator 3.3.2-3.4.3 - Authenticated SQL Injection
Nov 24, 2020
CVSS 6.5
EPSS 0.17
CVE-2020-4006 CRITICAL KEV
VMware Identity Manager and Connector - OS Command Injection
Nov 23, 2020
CVSS 9.1
EPSS 0.13
CVE-2020-4005 HIGH
VMware ESXi <7.0U1b-17168206, <6.7-202011101-SG, <6.5-202011301-SG ...
Nov 20, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-4004 HIGH
VMware Fusion 11.0-11.5.6 - Use-After-Free in XHCI USB Controller
Nov 20, 2020
CVSS 8.2
EPSS 0.00
CVE-2020-5426 CRITICAL
Scheduler for TAS <1.4.0 - Info Disclosure
Nov 11, 2020
CVSS 9.8
EPSS 0.00
CVE-2020-5425 HIGH
Vmware Tanzu <1.11.3, <1.12.x -1.12.4, <1.13.x-1.13.1 - User Impers...
Oct 31, 2020
CVSS 7.9
EPSS 0.00
CVE-2020-3998 MEDIUM
VMware Horizon Client 5.0.0-5.4.x - Information Disclosure via Crashed Client
Oct 23, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-3997 MEDIUM
VMware Horizon 7.0-7.10.2 - Cross-Site Scripting
Oct 23, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-3996 MEDIUM
Velero < 1.4.3 - Information Leakage via Volume Identifier Mismanagement
Oct 22, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-3995 MEDIUM
VMware ESXi - Memory Leak via VMCI Host Drivers
Oct 20, 2020
CVSS 5.3
EPSS 0.00
CVE-2020-3994 HIGH
VMware vCenter Server 6.7 < 6.7u3 and 6.5 < 6.5u3k - Session Hijack via Update Repository Certificate Validation Bypass
Oct 20, 2020
CVSS 7.4
EPSS 0.00
CVE-2020-3993 MEDIUM
VMware NSX-T <3.0.2, <2.5.2.2.0 - Privilege Escalation
Oct 20, 2020
CVSS 5.9
EPSS 0.00
Products
workstation 213 esxi 139 cloud_foundation 132 fusion 131 player 89 esx 86 vcenter_server 79 server 58 spring_framework 48 ace 44 identity_manager 28 workstation_pro 27 workstation_player 26 horizon_client 25 spring_security 24 Workstation 23 tools 22 vrealize_suite_lifecycle_manager 21 vrealize_automation 20 spring_boot 18 vrealize_operations 18 ESXi 16 vmware_workstation 15 vrealize_log_insight 15 workspace_one_access 15 horizon_view 14 spring_ai 14 vcenter_server_appliance 14 Fusion 13 aria_operations 13
Quick Filters
Critical CVEs With Exploits In CISA KEV