vmware

950 tracked vulnerabilities.

CVE-2023-34038 MEDIUM
VMware Horizon Server - Info Disclosure
Aug 04, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-34037 MEDIUM
VMware Horizon Server - HTTP Smuggling
Aug 04, 2023
CVSS 5.3
EPSS 0.01
CVE-2023-20891 MEDIUM
VMware Tanzu Application Service for VMs and Isolation Segment 2.11.0-2.11.34 - Credential Disclosure in Audit Logs
Jul 26, 2023
CVSS 6.5
EPSS 0.00
CVE-2023-34034 CRITICAL
Spring Security 5.6.0-5.6.11, 5.7.0-5.7.8, 5.8.0-5.8.3, 6.0.0-6.0.3, 6.1.0 Security Bypass
Jul 19, 2023
CVSS 9.1
EPSS 0.49
CVE-2023-34035 HIGH
Spring Security <5.8.5,6.0.5,6.1.2 - Info Disclosure
Jul 18, 2023
CVSS 7.3
EPSS 0.03
CVE-2023-34036 MEDIUM
Reactive web apps using Spring HATEOAS - SSRF
Jul 17, 2023
CVSS 5.3
EPSS 0.00
CVE-2023-20899 HIGH
VMware SD-WAN Edge Firmware 4.5.0-4.5.1 - Unauthenticated Diagnostic Bundle Download
Jul 06, 2023
CVSS 7.5
EPSS 0.00
CVE-2023-20896 MEDIUM
VMware vCenter Server 4.0-6.x - Denial of Service via DCERPC Protocol Out-of-bounds Read
Jun 22, 2023
CVSS 5.9
EPSS 0.00
CVE-2023-20895 HIGH
VMware vCenter Server - Memory Corruption via DCERPC Protocol Implementation
Jun 22, 2023
CVSS 8.1
EPSS 0.00
CVE-2023-20894 HIGH
VMware vCenter Server - Out-of-bounds Write in DCERPC Protocol Implementation
Jun 22, 2023
CVSS 8.1
EPSS 0.47
CVE-2023-20893 HIGH
VMware vCenter Server - Use-After-Free in DCERPC Protocol Implementation
Jun 22, 2023
CVSS 8.1
EPSS 0.03
CVE-2023-20892 HIGH
VMware vCenter Server - Remote Code Execution via DCERPC Protocol Heap Overflow
Jun 22, 2023
CVSS 8.1
EPSS 0.05
CVE-2023-20867 LOW KEV
VMware Tools 10.3.0-12.2.5 - Improper Authentication
Jun 13, 2023
CVSS 3.9
EPSS 0.03
CVE-2023-20889 HIGH NUCLEI
VMware Aria Operations for Networks 6.2.0-6.9.0 - Command Injection
Jun 07, 2023
CVSS 7.5
EPSS 0.90
CVE-2023-20888 HIGH NUCLEI
VMware Aria Operations for Networks 6.2.0-6.9.0 - Authenticated Remote Code Execution via Deserialization
Jun 07, 2023
CVSS 8.8
EPSS 0.89
CVE-2023-20887 CRITICAL KEVNUCLEI
VMWare Aria Operations for Networks (vRealize Network Insight) pre-authenticated RCE
Jun 07, 2023
CVSS 9.8
EPSS 0.94
CVE-2023-20884 MEDIUM
VMware Identity Manager and Workspace ONE Access - Unauthenticated Open Redirect via Improper Path Handling
May 30, 2023
CVSS 6.1
EPSS 0.00
CVE-2023-20883 HIGH
Spring Boot 2.5.0-2.5.14, 2.6.0-2.6.14, 2.7.0-2.7.11, 3.0.0-3.0.6 DoS via Reverse Proxy Cache
May 26, 2023
CVSS 7.5
EPSS 0.01
CVE-2023-31131 HIGH
Greenplum Database <6.22.3 - Path Traversal
May 15, 2023
CVSS 7.4
EPSS 0.01
CVE-2023-20880 MEDIUM
VMware Aria Operations 8.6.0-8.11.0 - Privilege Escalation to Root
May 12, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-20879 MEDIUM
VMware Aria Operations - Local Privilege Escalation
May 12, 2023
CVSS 6.7
EPSS 0.00
CVE-2023-20878 HIGH
VMware Aria Operations - Authenticated Remote Code Execution via Deserialization
May 12, 2023
CVSS 7.2
EPSS 0.02
CVE-2023-20877 HIGH
VMware Aria Operations - Authenticated Privilege Escalation via Code Execution
May 12, 2023
CVSS 8.8
EPSS 0.01
CVE-2023-20870 MEDIUM
VMware Fusion 13.0.0-13.0.1 and Workstation 17.0.0-17.0.1 - Out-of-bounds Read in Bluetooth Device Sharing
Apr 25, 2023
CVSS 6.0
EPSS 0.00
CVE-2023-20869 HIGH
VMware Fusion 13.0.0-13.0.1 and Workstation 17.0.0-17.0.1 - Stack-based Buffer Overflow in Bluetooth Device Sharing
Apr 25, 2023
CVSS 8.2
EPSS 0.02
Products
workstation 213 esxi 139 cloud_foundation 132 fusion 131 player 89 esx 86 vcenter_server 79 server 58 spring_framework 48 ace 44 identity_manager 28 workstation_pro 27 workstation_player 26 horizon_client 25 spring_security 24 Workstation 23 tools 22 vrealize_suite_lifecycle_manager 21 vrealize_automation 20 spring_boot 18 vrealize_operations 18 ESXi 16 vmware_workstation 15 vrealize_log_insight 15 workspace_one_access 15 horizon_view 14 spring_ai 14 vcenter_server_appliance 14 Fusion 13 aria_operations 13
Quick Filters
Critical CVEs With Exploits In CISA KEV