Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vsphere vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2021-21986
The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Serv...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
1 Github repository
1 Article
10
CVSSv2
CVE-2021-21985
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute com...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
15 Github repositories
1 Article
10
CVSSv2
CVE-2021-21972
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Se...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
46 Github repositories
2 Articles
10
CVSSv2
CVE-2018-11066
Dell EMC Avamar Client Manager in Dell EMC Avamar Server versions 7.2.0, 7.2.1, 7.3.0, 7.3.1, 7.4.0, 7.4.1, 7.5.0, 7.5.1, 18.1 and Dell EMC Integrated Data Protection Appliance (IDPA) versions 2.0, 2.1 and 2.2 contain a Remote Code Execution vulnerability. A remote unauthenticate...
Dell Emc Integrated Data Protection Appliance 2.2
Dell Emc Avamar 7.3.1
Dell Emc Avamar 7.2.0
Dell Emc Avamar 18.1
Dell Emc Avamar 7.5.1
Dell Emc Avamar 7.5.0
Dell Emc Avamar 7.4.1
Dell Emc Avamar 7.2.1
Dell Emc Integrated Data Protection Appliance 2.1
Dell Emc Integrated Data Protection Appliance 2.0
Dell Emc Avamar 7.4.0
Dell Emc Avamar 7.3.0
Vmware Vsphere Data Protection 6.0.4
Vmware Vsphere Data Protection 6.0.6
Vmware Vsphere Data Protection 6.1.2
Vmware Vsphere Data Protection 6.1.4
Vmware Vsphere Data Protection 6.0.7
Vmware Vsphere Data Protection 6.0.8
Vmware Vsphere Data Protection 6.1.0
Vmware Vsphere Data Protection 6.1.1
Vmware Vsphere Data Protection 6.0.0
Vmware Vsphere Data Protection 6.0.1
10
CVSSv2
CVE-2017-4947
VMware vRealize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x prior to 1.3) contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote malicious users to execute arbitrary code on the appliance.
Vmware Vrealize Automation 7.3.0
Vmware Vrealize Automation 7.2.0
Vmware Vsphere Integrated Containers
10
CVSSv2
CVE-2016-7456
VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote malicious users to obtain login access via an SSH session.
Vmware Vsphere Data Protection 6.1.3
Vmware Vsphere Data Protection 5.5.5
Vmware Vsphere Data Protection 5.5.6
Vmware Vsphere Data Protection 5.5.7
Vmware Vsphere Data Protection 6.0.4
Vmware Vsphere Data Protection 5.5.1
Vmware Vsphere Data Protection 5.8.0
Vmware Vsphere Data Protection 5.8.1
Vmware Vsphere Data Protection 5.8.2
Vmware Vsphere Data Protection 5.8.3
Vmware Vsphere Data Protection 5.8.4
Vmware Vsphere Data Protection 6.1.0
Vmware Vsphere Data Protection 6.1.2
Vmware Vsphere Data Protection 5.5.8
Vmware Vsphere Data Protection 5.5.10
Vmware Vsphere Data Protection 6.0.0
Vmware Vsphere Data Protection 6.0.2
Vmware Vsphere Data Protection 6.1.1
Vmware Vsphere Data Protection 5.5.9
Vmware Vsphere Data Protection 5.5.11
Vmware Vsphere Data Protection 6.0.1
Vmware Vsphere Data Protection 6.0.3
10
CVSSv2
CVE-2015-7425
The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 prior to 6.3.2.5, 6.4 prior to 6.4.3.1, and 7.1 prior to 7.1.4 and Tivoli Storage FlashCo...
Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 6.4.1
Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 6.3.2
Ibm Tivoli Storage Flashcopy Manager For Vmware 6.4.3
Ibm Tivoli Storage Flashcopy Manager For Vmware 6.4.2
Ibm Tivoli Storage Flashcopy Manager For Vmware 6.3
Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 6.3.1
Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 4.1.3
Ibm Tivoli Storage Flashcopy Manager For Vmware 3.2
Ibm Tivoli Storage Flashcopy Manager For Vmware 3.1.1
Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 4.1.2
Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 7.1.1
Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 7.1.0
Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 4.1.0
Ibm Tivoli Storage Flashcopy Manager For Vmware 6.4
Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 7.1.3
Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 7.1.2
Ibm Tivoli Storage Flashcopy Manager For Vmware 3.1
Ibm Tivoli Storage Manager For Virtual Environments Data Protection For Vmware 4.1.1
10
CVSSv2
CVE-2013-1405
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 up to and including 4.1, and VMware ESX 3.5 up to and including 4.1 do not pro...
Vmware Vcenter Server 4.1
Vmware Vcenter Server 4.0
Vmware Virtualcenter 2.5
Vmware Vsphere Client 4.0
Vmware Vsphere Client 4.1
Vmware Vi-client 2.5
Vmware Esxi 3.5
Vmware Esxi 4.1
Vmware Esxi 4.0
Vmware Esx 3.5
Vmware Esx 4.0
Vmware Esx 4.1
9.3
CVSSv2
CVE-2014-1209
VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote malicious users to trigger the downloading and execution of an arbitrary program via unspecified vectors.
Vmware Vsphere Client 4.1
Vmware Vsphere Client 5.0
Vmware Vsphere Client 5.1
Vmware Vsphere Client 4.0
9
CVSSv2
CVE-2014-3790
Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by escaping from a chroot jail.
Vmware Vcenter Server Appliance 5.5
Vmware Vcenter Server Appliance 5.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4367
CVE-2024-3611
CVE-2024-4947
CVE-2024-32988
CVE-2020-35165
local file inclusion
CVE-2024-4980
bypass
malicious code
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »