vmware

950 tracked vulnerabilities.

CVE-2018-11039 MEDIUM
Spring Framework < 4.3.18 - HTTP Method Override to Cross-Site Tracing
Jun 25, 2018
CVSS 5.9
EPSS 0.03
CVE-2018-6968 CRITICAL
VMware AirWatch Agent < 6.5.2 and < 8.2 - Remote Code Execution via File Manager
Jun 11, 2018
CVSS 10.0
EPSS 0.10
CVE-2018-6961 HIGH KEVNUCLEI
VMware NSX SD-WAN by VeloCloud < 3.1.0 - Remote Code Execution via Local Web UI Command Injection
Jun 11, 2018
CVSS 8.1
EPSS 0.94
CVE-2018-6964 HIGH
VMware Horizon Client 4.0.0-4.7.0 - Local Privilege Escalation via SUID Binary
May 29, 2018
CVSS 7.8
EPSS 0.00
CVE-2018-6963 MEDIUM
VMware Fusion 10.0-10.1.1 and Workstation 14.0-14.1.1 - Denial of Service via RPC Handler NULL Pointer Dereference
May 22, 2018
CVSS 5.5
EPSS 0.00
CVE-2018-6962 HIGH
VMware Fusion 10.0-10.1.1 - Local Privilege Escalation via Signature Bypass
May 22, 2018
CVSS 7.8
EPSS 0.00
CVE-2018-1263 MEDIUM
Spring Integration Zip < 1.0.2 - Arbitrary File Write via Path Traversal in Archive Extraction
May 15, 2018
CVSS 4.7
EPSS 0.01
CVE-2018-1261 MEDIUM
Spring Integration Zip < 1.0.1 - Arbitrary File Write via Path Traversal in Archive Extraction
May 11, 2018
CVSS 4.7
EPSS 0.00
CVE-2018-1258 HIGH
Spring Security - Incorrect Authorization Bypass via Method Security
May 11, 2018
CVSS 8.8
EPSS 0.00
CVE-2018-1257 MEDIUM
Spring Framework < 4.3.17 - Denial of Service via STOMP over WebSocket
May 11, 2018
CVSS 6.5
EPSS 0.01
CVE-2018-1256 HIGH
Spring Cloud SSO Connector 2.1.2 - Auth Bypass
May 07, 2018
CVSS 8.1
EPSS 0.00
CVE-2018-6960 HIGH
VMware Horizon DaaS 7.x < 8.0.0 - Authenticated Two-Factor Authentication Bypass
Apr 20, 2018
CVSS 8.8
EPSS 0.02
CVE-2018-6959 CRITICAL
VMware vRA <7.4.0 - Privilege Escalation
Apr 13, 2018
CVSS 9.8
EPSS 0.01
CVE-2018-6958 MEDIUM
VMware vRealize Automation < 7.3.1 - DOM-based Cross-Site Scripting
Apr 13, 2018
CVSS 6.1
EPSS 0.00
CVE-2018-5511 HIGH
F5 BIG-IP <13.1.0.3 - Privilege Escalation
Apr 13, 2018
CVSS 7.2
EPSS 0.12
CVE-2018-1275 CRITICAL
Spring Framework 4.3.0-4.3.15 - Remote Code Execution via STOMP over WebSocket
Apr 11, 2018
CVSS 9.8
EPSS 0.38
CVE-2018-1272 HIGH
Spring Framework 4.3.0-4.3.14 - Privilege Escalation via Multipart Request Parameter Tampering
Apr 06, 2018
CVSS 7.5
EPSS 0.02
CVE-2018-1271 MEDIUM NUCLEI
Spring Framework 4.3.0-4.3.14 - Path Traversal via Static Resource Request
Apr 06, 2018
CVSS 5.9
EPSS 0.91
CVE-2018-1270 CRITICAL
Spring Framework < 4.3.16 and 5.0 < 5.0.5 - Remote Code Execution via STOMP over WebSocket
Apr 06, 2018
CVSS 9.8
EPSS 0.90
CVE-2018-1196 MEDIUM
Spring Boot <2.0.0.M7 - Privilege Escalation
Mar 19, 2018
CVSS 5.9
EPSS 0.01
CVE-2018-1199 MEDIUM
Spring Security <4.1.5, 4.2.x <4.2.4, 5.0.x <5.0.1 - Auth Bypass
Mar 16, 2018
CVSS 5.3
EPSS 0.01
CVE-2018-6957 MEDIUM
VMware Workstation 14.x < 14.1.1 and 12.x - Denial of Service via VNC Session Flood
Mar 15, 2018
CVSS 5.3
EPSS 0.00
CVE-2017-4952 HIGH
VMware Xenon <1.5.4-1.5.7 - Auth Bypass
May 02, 2018
CVSS 7.5
EPSS 0.02
CVE-2017-4951 HIGH
VMware AirWatch Console <9.2.2, <9.1.5 - CSRF
Jan 29, 2018
CVSS 8.8
EPSS 0.00
CVE-2017-4947 CRITICAL
VMware vRealize Automation 7.2-7.3 & vSphere Integrated Containers <1.3.0 RCE via Xenon Deserialization
Jan 29, 2018
CVSS 9.8
EPSS 0.27
Products
workstation 213 esxi 139 cloud_foundation 132 fusion 131 player 89 esx 86 vcenter_server 79 server 58 spring_framework 48 ace 44 identity_manager 28 workstation_pro 27 workstation_player 26 horizon_client 25 spring_security 24 Workstation 23 tools 22 vrealize_suite_lifecycle_manager 21 vrealize_automation 20 spring_boot 18 vrealize_operations 18 ESXi 16 vmware_workstation 15 vrealize_log_insight 15 workspace_one_access 15 horizon_view 14 spring_ai 14 vcenter_server_appliance 14 Fusion 13 aria_operations 13
Quick Filters
Critical CVEs With Exploits In CISA KEV