Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vulnerabilities and exploits
(subscribe to this query)
935
VMScore
CVE-2011-2217
Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly ha...
Tomsawyer Get Extension Factory 5.5.2.237
Vmware Virtual Infrastructure Client 2.0.2
Vmware Virtual Infrastructure Client 2.5
Vmware Infrastructure 3
1 EDB exploit
935
VMScore
CVE-2007-4155
Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote malicious users to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method.
Emc Vmware 6.0.0
1 EDB exploit
904
VMScore
CVE-2021-21972
The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Se...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
46 Github repositories
2 Articles
894
VMScore
CVE-2021-21985
The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exploit this issue to execute com...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
15 Github repositories
1 Article
893
VMScore
CVE-2006-4304
Buffer overflow in the sppp driver in FreeBSD 4.11 up to and including 6.1, NetBSD 2.0 up to and including 4.0 beta prior to 20060823, and OpenBSD 3.8 and 3.9 prior to 20060902 allows remote malicious users to cause a denial of service (panic), obtain sensitive information, and p...
Freebsd Freebsd 4.11
Netbsd Netbsd 3.0
Netbsd Netbsd 4.0
Freebsd Freebsd 5.5
Freebsd Freebsd 6.0
Freebsd Freebsd 5.3
Freebsd Freebsd 5.4
Openbsd Openbsd 3.8
Openbsd Openbsd 3.9
Freebsd Freebsd 6.1
Netbsd Netbsd 2.0
11 Github repositories
891
VMScore
CVE-2021-21983
Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) before 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the underlying photon operating system...
Vmware Vrealize Operations Manager 7.0.0
Vmware Vrealize Operations Manager 7.5.0
Vmware Vrealize Operations Manager 8.0.0
Vmware Vrealize Operations Manager 8.0.1
Vmware Vrealize Operations Manager 8.1.0
Vmware Vrealize Operations Manager 8.1.1
Vmware Vrealize Operations Manager 8.2.0
Vmware Vrealize Operations Manager 8.3.0
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
Vmware Cloud Foundation 3.7.2
Vmware Cloud Foundation 3.8
Vmware Cloud Foundation 3.8.1
Vmware Cloud Foundation 3.9
Vmware Cloud Foundation 3.9.1
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.0
1 Metasploit module
4 Github repositories
891
VMScore
CVE-2020-3992
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trig...
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Cloud Foundation
Vmware Esxi 7.0.0
2 Github repositories
1 Article
891
VMScore
CVE-2017-4918
VMware Horizon View Client (2.x, 3.x and 4.x before 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is i...
Vmware Horizon View 3.0
Vmware Horizon View 2.3
Vmware Horizon View 4.2.0
Vmware Horizon View 4.0.1
Vmware Horizon View 2.2
Vmware Horizon View 2.1
Vmware Horizon View 2.0
Vmware Horizon View 3.2
Vmware Horizon View 3.1
Vmware Horizon View 4.4.0
Vmware Horizon View 4.3.0
Vmware Horizon View 3.3
Vmware Horizon View 4.0.0
Vmware Horizon View 4.1.0
890
VMScore
CVE-2021-21986
The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Serv...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
1 Github repository
1 Article
890
VMScore
CVE-2021-25139
A potential security vulnerability has been identified in the HPE Moonshot Provisioning Manager v1.20. The HPE Moonshot Provisioning Manager is an application that is installed in a VMWare or Microsoft Hyper-V environment that is used to setup and configure an HPE Moonshot 1500 c...
Hp Moonshot Provisioning Manager 1.20
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
XXE
CVE-2024-34490
SQL injection
CVE-2024-34488
CVE-2024-4507
CVE-2023-7028
CVE-2024-23187
TCP
CVE-2024-4439
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »