vmware
950 tracked vulnerabilities.
CVE-2017-4900
MEDIUM
VMware Workstation Pro/Player <12.5.3 - Use After Free
Jun 07, 2017
CVSS 5.5
EPSS 0.00
CVE-2017-4899
MEDIUM
VMware Workstation Pro/Player <12.5.3 - Memory Corruption
Jun 07, 2017
CVSS 4.7
EPSS 0.00
CVE-2017-4898
HIGH
VMware Workstation Pro/Player <12.5.3 - Privilege Escalation
Jun 07, 2017
CVSS 8.8
EPSS 0.00
CVE-2017-4917
CRITICAL
VMware vSphere Data Protection 5.5.x-6.1.x - Plaintext Credential Exposure via Reversible Encryption
Jun 07, 2017
CVSS 9.8
EPSS 0.00
CVE-2017-4914
CRITICAL
VMware vSphere Data Protection 5.5.x-6.1.x - Remote Code Execution via Deserialization
Jun 07, 2017
CVSS 9.8
EPSS 0.13
CVE-2017-4897
MEDIUM
VMware Horizon DaaS <7.0.0 - Info Disclosure
May 31, 2017
CVSS 5.5
EPSS 0.00
CVE-2017-4916
MEDIUM
VMware Workstation Pro/Player - DoS
May 22, 2017
CVSS 6.5
EPSS 0.10
CVE-2017-4915
HIGH
VMware Workstation Pro/Player - Privilege Escalation
May 22, 2017
CVSS 7.8
EPSS 0.12
CVE-2017-4896
LOW
Airwatch Inbox for Android - Info Disclosure
May 10, 2017
CVSS 3.8
EPSS 0.00
CVE-2017-4895
HIGH
Airwatch Agent for Android - Privilege Escalation
May 10, 2017
CVSS 8.8
EPSS 0.00
CVE-2016-1000027
CRITICAL
Pivotal Spring Framework <5.3.16 - RCE
Jan 02, 2020
CVSS 9.8
EPSS 0.60
CVE-2016-0898
CRITICAL
MySQL for PCF tiles <1.7.10 - Info Disclosure
Mar 29, 2018
CVSS 10.0
EPSS 0.00
CVE-2016-5007
HIGH
Spring Framework - Authorization Bypass via URL Pattern Matching Discrepancy
May 25, 2017
CVSS 7.5
EPSS 0.00
CVE-2016-2173
CRITICAL
Fedora < 1.5.5 - Improper Input Validation
Apr 21, 2017
CVSS 9.8
EPSS 0.21
CVE-2016-9879
HIGH
Pivotal Spring Security <4.2.1 - Auth Bypass
Jan 06, 2017
CVSS 7.5
EPSS 0.00
CVE-2016-9878
HIGH
Spring Framework < 3.2.18, 4.2.x < 4.2.9, 4.3.x < 4.3.5 - Path Traversal via ResourceServlet
Dec 29, 2016
CVSS 7.5
EPSS 0.05
CVE-2016-7463
MEDIUM
VMware ESXi 5.5 and 6.0 - Authenticated Cross-Site Scripting via Crafted VM
Dec 29, 2016
CVSS 5.4
EPSS 0.00
CVE-2016-7462
HIGH
VMware vROps <6.4.0 - Deserialization
Dec 29, 2016
CVSS 8.5
EPSS 0.02
CVE-2016-7461
HIGH
VMware Fusion and Fusion Pro - Arbitrary Code Execution via Drag-and-Drop Function
Dec 29, 2016
CVSS 8.8
EPSS 0.00
CVE-2016-7460
CRITICAL
VMware vRealize Automation 6.x < 6.2.5 - XML External Entity Injection
Dec 29, 2016
CVSS 9.1
EPSS 0.02
CVE-2016-7459
HIGH
VMware vCenter Server 5.5-6.0 - Authenticated XXE Injection via Log Browser, Distributed Switch, or Content Library
Dec 29, 2016
CVSS 7.7
EPSS 0.01
CVE-2016-7458
MEDIUM
VMware vSphere Client 5.5-6.0 - XML External Entity Injection via External Entity Declaration
Dec 29, 2016
CVSS 5.8
EPSS 0.00
CVE-2016-7457
CRITICAL
VMware vRealize Operations 6.x - Authenticated Privilege Escalation and Virtual Machine Manipulation
Dec 29, 2016
CVSS 10.0
EPSS 0.02
CVE-2016-7456
CRITICAL
VMware vSphere Data Protection 5.5.x-6.1.x - Unauthenticated SSH Login via Default Private Key
Dec 29, 2016
CVSS 9.8
EPSS 0.82
CVE-2016-7087
MEDIUM
VMware Horizon View 5.x-6.x - Directory Traversal
Dec 29, 2016
CVSS 5.3
EPSS 0.02
Products
workstation 213
esxi 139
cloud_foundation 132
fusion 131
player 89
esx 86
vcenter_server 79
server 58
spring_framework 48
ace 44
identity_manager 28
workstation_pro 27
workstation_player 26
horizon_client 25
spring_security 24
Workstation 23
tools 22
vrealize_suite_lifecycle_manager 21
vrealize_automation 20
spring_boot 18
vrealize_operations 18
ESXi 16
vmware_workstation 15
vrealize_log_insight 15
workspace_one_access 15
horizon_view 14
spring_ai 14
vcenter_server_appliance 14
Fusion 13
aria_operations 13
Quick Filters