vmware

950 tracked vulnerabilities.

CVE-2020-3992 CRITICAL KEV
VMware ESXi < 7.0.1-0.0.16850804, < 6.7 ESXi670-202010401-SG, < 6.5 ESXi650-202010401-SG - Use-After-Free in OpenSLP
Oct 20, 2020
CVSS 9.8
EPSS 0.90
CVE-2020-3982 HIGH
VMware ESXi 7.0 < 7.0.1-0.0.16850804, 6.7 < 6.7-202008101, 6.5 < 6.5-202007101 - Out-of-Bounds Write via ACPI Device
Oct 20, 2020
CVSS 7.7
EPSS 0.00
CVE-2020-3981 MEDIUM
Vmware Cloud Foundation < 3.10.1 - Out-of-Bounds Read
Oct 20, 2020
CVSS 5.8
EPSS 0.00
CVE-2020-3991 HIGH
VMware Horizon Client 5.0.0-5.4.x - Denial of Service via Symbolic Link Attack
Oct 16, 2020
CVSS 7.1
EPSS 0.00
CVE-2020-3977 MEDIUM
VMware Horizon DaaS 7.x-8.x < 8.0.1 - Authenticated Two-Factor Authentication Bypass
Sep 22, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-5421 MEDIUM
Spring Framework 4.3.0-4.3.28, 5.0.0-5.0.18, 5.1.0-5.1.17, 5.2.0-5.2.8 - Reflection File Download
Sep 19, 2020
CVSS 6.5
EPSS 0.64
CVE-2020-3990 MEDIUM
VMware Horizon Client 5.0.0-5.4.3 & Workstation 15.0.0-15.x - Info Disclosure via Integer Overflow
Sep 16, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-3989 LOW
VMware Horizon Client 5.0.0-5.4.3 & Workstation 15.0.0-15.x DoS via Cortado ThinPrint OOB Write
Sep 16, 2020
CVSS 3.3
EPSS 0.00
CVE-2020-3988 MEDIUM
VMware Horizon Client 5.0.0-5.4.3 and Workstation 15.0.0-15.x - Out-of-bounds Read in Cortado ThinPrint JPEG2000 Parser
Sep 16, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-3987 MEDIUM
VMware Horizon Client 5.0.0-5.4.3 & Workstation 15.0.0-15.9.9 - Out-of-bounds Read in Cortado ThinPrint
Sep 16, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-3986 MEDIUM
VMware Horizon Client 5.0.0-5.4.3 and Workstation 15.0.0-15.x - Out-of-bounds Read in Cortado ThinPrint EMF Parser
Sep 16, 2020
CVSS 6.1
EPSS 0.00
CVE-2020-3980 MEDIUM
VMware Fusion 11.x < 12.0.0 - Privilege Escalation via System Wide Path Configuration
Sep 16, 2020
CVSS 6.7
EPSS 0.00
CVE-2020-3975 MEDIUM
VMware App Volumes 2.x < 2.18.6 and 4 < 2006 - Stored Cross-Site Scripting
Aug 21, 2020
CVSS 5.4
EPSS 0.00
CVE-2020-3976 MEDIUM
VMware ESXi and vCenter Server - Partial Denial of Service in Authentication Service
Aug 21, 2020
CVSS 5.3
EPSS 0.02
CVE-2020-5412 MEDIUM NUCLEI
Spring Cloud Netflix <2.2.4-2.1.6 - SSRF
Aug 07, 2020
CVSS 6.5
EPSS 0.92
CVE-2020-5414 MEDIUM
VMware Tanzu Application Service - Info Disclosure
Jul 31, 2020
CVSS 5.7
EPSS 0.01
CVE-2020-5413 CRITICAL
Spring Integration - Deserialization
Jul 31, 2020
CVSS 9.8
EPSS 0.02
CVE-2020-5396 HIGH
VMware GemFire 9.7.0-9.7.5 and Tanzu GemFire for VMs 1.10.0-1.10.1 - Remote Code Execution via JMX MLet MBean
Jul 31, 2020
CVSS 8.8
EPSS 0.02
CVE-2020-10713 HIGH
GRUB2 < 2.06 - Buffer Overflow via Crafted String
Jul 30, 2020
CVSS 8.2
EPSS 0.00
CVE-2020-3974 HIGH
VMware Fusion 11.0.0-11.5.4 - Privilege Escalation via XPC Client Validation
Jul 10, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-3973 HIGH
VMware VeloCloud Orchestrator 3.1.1-3.3.1 - Authenticated Blind SQL Injection
Jul 08, 2020
CVSS 8.8
EPSS 0.00
CVE-2020-3971 MEDIUM
VMware ESXi 6.7/6.5, Workstation 15.x < 15.0.2, Fusion 11.x < 11.0.2 - Heap Overflow in vmxnet3
Jun 25, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-3970 LOW
VMware ESXi 7.0/6.7/6.5, Workstation 15.x, Fusion 11.x - Out-of-bounds Read in Shader
Jun 25, 2020
CVSS 3.8
EPSS 0.00
CVE-2020-3968 HIGH
VMware ESXi 6.5-7.0, Workstation 15.x, Fusion 11.x - Out-of-bounds Write in USB 3.0 Controller
Jun 25, 2020
CVSS 8.2
EPSS 0.00
CVE-2020-3967 HIGH
Vmware Cloud Foundation < 3.10 - Out-of-Bounds Write
Jun 25, 2020
CVSS 7.5
EPSS 0.00
Products
workstation 213 esxi 139 cloud_foundation 132 fusion 131 player 89 esx 86 vcenter_server 79 server 58 spring_framework 48 ace 44 identity_manager 28 workstation_pro 27 workstation_player 26 horizon_client 25 spring_security 24 Workstation 23 tools 22 vrealize_suite_lifecycle_manager 21 vrealize_automation 20 spring_boot 18 vrealize_operations 18 ESXi 16 vmware_workstation 15 vrealize_log_insight 15 workspace_one_access 15 horizon_view 14 spring_ai 14 vcenter_server_appliance 14 Fusion 13 aria_operations 13
Quick Filters
Critical CVEs With Exploits In CISA KEV