vmware
950 tracked vulnerabilities.
CVE-2020-3966
HIGH
VMware ESXi 7.0/6.7/6.5, Workstation 15.x, Fusion 11.x Heap Overflow via USB 2.0 Race Condition
Jun 25, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-3965
MEDIUM
Vmware Cloud Foundation < 3.10 - Out-of-Bounds Read
Jun 25, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-3964
MEDIUM
VMware ESXi 6.5-7.0, Workstation 15.x, Fusion 11.x - Information Leak in EHCI USB Controller
Jun 25, 2020
CVSS 4.7
EPSS 0.00
CVE-2020-3963
MEDIUM
Vmware Cloud Foundation < 3.10 - Use After Free
Jun 25, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-3962
HIGH
Vmware Cloud Foundation < 3.10 - Use After Free
Jun 24, 2020
CVSS 8.2
EPSS 0.00
CVE-2020-3969
HIGH
VMware ESXi <7.0-1.20.16321839,6.7-202004101-SG,6.5-202005401-SG - RCE
Jun 24, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-3972
LOW
VMware Tools for macOS <11.1.1 - DoS
Jun 19, 2020
CVSS 3.3
EPSS 0.00
CVE-2020-3961
HIGH
VMware Horizon Client < 5.4.3 - Privilege Escalation via Unsafe Library Loading
Jun 15, 2020
CVSS 7.8
EPSS 0.00
CVE-2020-5410
HIGH
KEVNUCLEI
Spring Cloud Config <2.2.3 & <2.1.9 - Path Traversal
Jun 02, 2020
CVSS 7.5
EPSS 0.94
CVE-2020-3959
LOW
VMware Fusion 11.0.0-11.1.0 and Workstation 15.0.0-15.1.0 - Denial of Service via VMCI Module Memory Leak
May 29, 2020
CVSS 3.3
EPSS 0.00
CVE-2020-3958
MEDIUM
VMware Fusion 11.0.0-11.5.1 and Workstation 15.0.0-15.5.1 - Denial of Service via Shader Functionality
May 29, 2020
CVSS 5.5
EPSS 0.00
CVE-2020-3957
HIGH
VMware Fusion 11.0.0-11.5.4 - Local Privilege Escalation via Service Opener TOCTOU
May 29, 2020
CVSS 7.0
EPSS 0.00
CVE-2020-3956
HIGH
VMware Cloud Director 9.5.0.0-9.5.0.5 - Authenticated Remote Code Execution via Expression Language Injection
May 20, 2020
CVSS 8.8
EPSS 0.41
CVE-2020-5408
MEDIUM
Spring Security <5.3.2, 5.2.x <5.2.4, 5.1.x <5.1.10, 5.0.x <5.0.16,...
May 14, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-11652
MEDIUM
KEV
SaltStack Salt < 2019.2.4 - Authenticated Path Traversal via ClearFuncs Methods
Apr 30, 2020
CVSS 6.5
EPSS 0.94
CVE-2020-11651
CRITICAL
KEV
SaltStack Salt <2019.2.4,3000.2 - RCE
Apr 30, 2020
CVSS 9.8
EPSS 0.94
CVE-2020-3955
CRITICAL
VMware ESXi 6.5 and 6.7 - Stored Cross-Site Scripting in Virtual Machine Attributes View
Apr 29, 2020
CVSS 9.3
EPSS 0.01
CVE-2020-3946
HIGH
VMware InstallBuilder < 19.11.0 - Denial of Service via XML Entity Expansion
Apr 20, 2020
CVSS 7.5
EPSS 0.00
CVE-2020-3954
MEDIUM
VMware vRealize Log Insight < 8.1.0 - Open Redirect via Improper Input Validation
Apr 15, 2020
CVSS 6.1
EPSS 0.01
CVE-2020-3953
MEDIUM
VMware vRealize Log Insight < 8.1.0 - Stored Cross-Site Scripting via Improper Input Validation
Apr 15, 2020
CVSS 4.8
EPSS 0.00
CVE-2020-5406
MEDIUM
VMware Tanzu Application Service for VMs <2.6.18-2.8.5 - Info Discl...
Apr 10, 2020
CVSS 6.5
EPSS 0.00
CVE-2020-3952
CRITICAL
KEVNUCLEI
VMware vCenter Server vmdir Information Disclosure
Apr 10, 2020
CVSS 9.8
EPSS 0.94
CVE-2020-3951
LOW
VMware Workstation <15.5.2 & Horizon Client for Windows <5.4.0 - DoS
Mar 17, 2020
CVSS 3.8
EPSS 0.00
CVE-2020-3950
HIGH
KEV
VMware Fusion <11.5.2 - Privilege Escalation
Mar 17, 2020
CVSS 7.8
EPSS 0.16
CVE-2020-3948
HIGH
VMware Workstation/Fusion <15.5.2-11.5.2 - Privilege Escalation
Mar 16, 2020
CVSS 7.8
EPSS 0.00
Products
workstation 213
esxi 139
cloud_foundation 132
fusion 131
player 89
esx 86
vcenter_server 79
server 58
spring_framework 48
ace 44
identity_manager 28
workstation_pro 27
workstation_player 26
horizon_client 25
spring_security 24
Workstation 23
tools 22
vrealize_suite_lifecycle_manager 21
vrealize_automation 20
spring_boot 18
vrealize_operations 18
ESXi 16
vmware_workstation 15
vrealize_log_insight 15
workspace_one_access 15
horizon_view 14
spring_ai 14
vcenter_server_appliance 14
Fusion 13
aria_operations 13
Quick Filters