Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware remote console vulnerabilities and exploits
(subscribe to this query)
10
CVSSv2
CVE-2009-3732
Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote malicious users to execute arbitrary code via unspecified vectors.
Vmware Ace
Vmware Ace 2.6
Vmware Player
Vmware Player 3.0
Vmware Server
Vmware Workstation
Vmware Workstation 7.0
1 EDB exploit
9.3
CVSSv2
CVE-2021-44228
Apache Log4j2 2.0-beta9 up to and including 2.15.0 (excluding security releases 2.12.2, 2.12.3, and 2.3.1) JNDI features used in configuration, log messages, and parameters do not protect against attacker controlled LDAP and other JNDI related endpoints. An attacker who can contr...
Apache Log4j 2.0
Apache Log4j
Siemens Sppa-t3000 Ses3000 Firmware
Siemens Logo\\! Soft Comfort
Siemens Spectrum Power 4 4.70
Siemens Spectrum Power 4
Siemens Siveillance Control Pro
Siemens Energyip Prepay 3.7
Siemens Energyip Prepay 3.8
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Siveillance Command
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Siemens Head-end System Universal Device Integration System
Siemens Gma-manager
Siemens Energyip 8.5
Siemens Energyip 8.6
Siemens Energyip 8.7
Siemens Energyip 9.0
Siemens Energy Engage 3.1
Siemens E-car Operation Center
2 Metasploit modules
1181 Github repositories
28 Articles
9
CVSSv2
CVE-2014-8373
The VMware Remote Console (VMRC) function in VMware vCloud Automation Center (vCAC) 6.0.1 up to and including 6.1.1 allows remote authenticated users to gain privileges via vectors involving the "Connect (by) Using VMRC" function.
Vmware Vcloud Automation Center 6.1.1
Vmware Vcloud Automation Center 6.0.1.1
Vmware Vcloud Automation Center 6.0.1
Vmware Vcloud Automation Center 6.1
Vmware Vcloud Automation Center 6.0.1.2
9
CVSSv2
CVE-2014-3790
Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by escaping from a chroot jail.
Vmware Vcenter Server Appliance 5.5
Vmware Vcenter Server Appliance 5.1
8.5
CVSSv2
CVE-2016-1301
The RBAC implementation in Cisco ASA-CX Content-Aware Security software prior to 9.3.1.1(112) and Cisco Prime Security Manager (PRSM) software prior to 9.3.1.1(112) allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842.
Cisco Asa Cx Context-aware Security Software 9.1.3-10
Cisco Asa Cx Context-aware Security Software 9.1.2-42
Cisco Asa Cx Context-aware Security Software 9.1.2-29
Cisco Prime Security Manager 9.0.1-40
Cisco Prime Security Manager 9.0.2-68
Cisco Prime Security Manager 9.1.3-13
Cisco Prime Security Manager 9.2.1-1
Cisco Asa Cx Context-aware Security Software 9.1.3-8
Cisco Asa Cx Context-aware Security Software 9.1.3-13
Cisco Asa Cx Context-aware Security Software 9.0.1
Cisco Prime Security Manager 9.0.0
Cisco Prime Security Manager 9.1.3-8
Cisco Prime Security Manager 9.1.3-10
Cisco Asa Cx Context-aware Security Software 9.2.1-4
Cisco Asa Cx Context-aware Security Software 9.2.1-3
Cisco Asa Cx Context-aware Security Software 9.0 Base
Cisco Asa Cx Context-aware Security Software 9.0.2-68
Cisco Prime Security Manager 9.1.0
Cisco Prime Security Manager 9.2.0
Cisco Prime Security Manager 9.2.1-2
Cisco Asa Cx Context-aware Security Software 9.2.1-2
Cisco Asa Cx Context-aware Security Software 9.2.1-1
7.8
CVSSv2
CVE-2012-4629
The Cisco ASA-CX Context-Aware Security module prior to 9.0.2-103 for Adaptive Security Appliances (ASA) devices, and Prime Security Manager (aka PRSM) prior to 9.0.2-103, allows remote malicious users to cause a denial of service (disk consumption and application hang) via unspe...
Cisco Asa Cx Context-aware Security
Cisco Prime Security Manager
7.5
CVSSv2
CVE-2022-22963
In Spring Cloud Function versions 3.1.6, 3.2.2 and older unsupported versions, when using routing functionality it is possible for a user to provide a specially crafted SpEL as a routing-expression that may result in remote code execution and access to local resources.
Vmware Spring Cloud Function
Oracle Sd-wan Edge 9.0
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Banking Cash Management 14.5
Oracle Banking Trade Finance Process Management 14.5
Oracle Banking Credit Facilities Process Management 14.5
Oracle Banking Corporate Lending Process Management 14.5
Oracle Banking Supply Chain Finance 14.5
Oracle Sd-wan Edge 9.1
Oracle Banking Liquidity Management 14.5
Oracle Banking Liquidity Management 14.2
Oracle Banking Virtual Account Management 14.5
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Mysql Enterprise Monitor
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Communications Policy Management 12.6.0.0.0
63 Github repositories
3 Articles
7.5
CVSSv2
CVE-2022-22965
A Spring MVC or Spring WebFlux application running on JDK 9+ may be vulnerable to remote code execution (RCE) via data binding. The specific exploit requires the application to run on Tomcat as a WAR deployment. If the application is deployed as a Spring Boot executable jar, i.e....
Vmware Spring Framework
Cisco Cx Cloud Agent
Oracle Sd-wan Edge 9.0
Oracle Retail Xstore Point Of Service 20.0.1
Oracle Communications Cloud Native Core Security Edge Protection Proxy 1.7.0
Oracle Financial Services Analytical Applications Infrastructure 8.1.1
Oracle Sd-wan Edge 9.1
Siemens Siveillance Identity 1.6
Siemens Siveillance Identity 1.5
Siemens Sipass Integrated 2.85
Siemens Sipass Integrated 2.80
Oracle Product Lifecycle Analytics 3.6.1
Oracle Financial Services Enterprise Case Management 8.1.1.0
Oracle Financial Services Enterprise Case Management 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.2.0
Oracle Financial Services Behavior Detection Platform 8.1.1.1
Oracle Financial Services Behavior Detection Platform 8.1.1.0
Oracle Communications Cloud Native Core Console 1.9.0
Oracle Communications Cloud Native Core Policy 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 1.15.0
Oracle Communications Cloud Native Core Unified Data Repository 22.1.0
Oracle Communications Cloud Native Core Security Edge Protection Proxy 22.1.0
174 Github repositories
7 Articles
7.2
CVSSv2
CVE-2021-21999
VMware Tools for Windows (11.x.y before 11.2.6), VMware Remote Console for Windows (12.x before 12.0.1) , VMware App Volumes (2.x before 2.18.10 and 4 before 2103) contain a local privilege escalation vulnerability. An attacker with normal access to a virtual machine may exploit ...
Vmware Remote Console
Vmware App Volumes
Vmware Tools
7.2
CVSSv2
CVE-2020-3974
VMware Fusion (11.x prior to 11.5.5), VMware Remote Console for Mac (11.x and prior prior to 11.2.0 ) and Horizon Client for Mac (5.x and prior prior to 5.4.3) contain a privilege escalation vulnerability due to improper XPC Client validation. Successful exploitation of this issu...
Vmware Fusion
Vmware Horizon Client
Vmware Remote Console
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-32976
CVE-2024-33557
CVE-2024-36801
CVE-2024-35654
authentication bypass
CVE-2024-24919
CSRF
code execution
CVE-2024-27348
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »