Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vsphere vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be a...
Vmware Open Vm Tools
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Vmware Tools
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
7
CVSSv3
CVE-2023-34059
open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.
Vmware Open Vm Tools
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
4.3
CVSSv3
CVE-2023-27312
SnapCenter Plugin for VMware vSphere versions 4.6 before 4.9 are susceptible to a vulnerability which may allow authenticated unprivileged users to modify email and snapshot name settings within the VMware vSphere user interface.
Netapp Snapcenter Plug-in
8.8
CVSSv3
CVE-2023-36628
A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation.
Purestorage Purity//fa
7.5
CVSSv3
CVE-2023-20900
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has ...
Vmware Tools
Vmware Open Vm Tools
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp Ontap Select Deploy Administration Utility -
6.5
CVSSv3
CVE-2023-20168
A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local malicious user to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication ...
Cisco Nx-os 9.3(11)
Cisco Nx-os 10.2(5)
Cisco Nx-os -
5.5
CVSSv3
CVE-2023-39250
Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions before 6.1.1 and Replay Manager for VMware (RMSV) versions before 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentia...
Dell Replay Manager For Vmware
Dell Storage Vsphere Client Plugin
Dell Storage Integration Tools For Vmware
4.8
CVSSv3
CVE-2022-23239
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions before 9.11P1 are susceptible to a vulnerability which allows administrative users to perform a Stored Cross-Site Scripting (XSS) attack.
Netapp Active Iq Unified Manager
6.5
CVSSv3
CVE-2022-23240
Active IQ Unified Manager for VMware vSphere, Linux, and Microsoft Windows versions before 9.11P1 are susceptible to a vulnerability which allows unauthorized users to update EMS Subscriptions via unspecified vectors.
Netapp Active Iq Unified Manager
7.8
CVSSv3
CVE-2023-20050
A vulnerability in the CLI of Cisco NX-OS Software could allow an authenticated, local malicious user to execute arbitrary commands on the underlying operating system of an affected device. This vulnerability is due to insufficient validation of arguments that are passed to speci...
Cisco Nx-os -
Cisco Nx-os
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-37316
firmware
CVE-2024-30078
CVE-2024-5995
remote code execution
logic flaw
CVE-2024-20693
CVE-2024-37315
CVE-2024-5464
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »