Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vcenter server 6.5 vulnerabilities and exploits
(subscribe to this query)
8.8
CVSSv3
CVE-2022-31696
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Cloud Foundation
Vmware Esxi 7.0
Vmware Cloud Foundation 4.4.1
Vmware Cloud Foundation 4.4.1.1
Vmware Cloud Foundation 4.4
Vmware Cloud Foundation 4.5
Vmware Cloud Foundation 4.76
Vmware Cloud Foundation 3.11
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.3.11
1 Article
5.5
CVSSv3
CVE-2022-31697
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext password...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
1 Article
5.3
CVSSv3
CVE-2022-31698
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header.
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 4.0.1
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
Vmware Cloud Foundation 3.7.2
Vmware Cloud Foundation 3.8
Vmware Cloud Foundation 3.8.1
Vmware Cloud Foundation 3.9
Vmware Cloud Foundation 3.9.1
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.1
Vmware Cloud Foundation 4.2.1
Vmware Cloud Foundation 4.1.0.1
Vmware Cloud Foundation 3.11
1 Article
3.3
CVSSv3
CVE-2022-31699
VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Esxi 7.0
Vmware Cloud Foundation 4.0.1
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
Vmware Cloud Foundation 3.7.2
Vmware Cloud Foundation 3.8
Vmware Cloud Foundation 3.8.1
Vmware Cloud Foundation 3.9
Vmware Cloud Foundation 3.9.1
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.1
Vmware Cloud Foundation 4.2.1
Vmware Cloud Foundation 4.1.0.1
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 3.11
1 Article
9.1
CVSSv3
CVE-2022-31680
The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server.
Vmware Vcenter Server 6.5
Vmware Vcenter Server
1 Article
7.5
CVSSv3
CVE-2022-22982
The vCenter Server contains a server-side request forgery (SSRF) vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service.
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
6.5
CVSSv3
CVE-2022-22948
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
Vmware Cloud Foundation 3.11
1 Github repository
7.5
CVSSv3
CVE-2021-21980
The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Cloud Foundation 3.0
3 Github repositories
9.8
CVSSv3
CVE-2021-22049
The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Serv...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
8.8
CVSSv3
CVE-2021-22048
The vCenter Server contains a privilege escalation vulnerability in the IWA (Integrated Windows Authentication) authentication mechanism. A malicious actor with non-administrative access to vCenter Server may exploit this issue to elevate privileges to a higher privileged group.
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
NEXT »