Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vsphere vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2014-1210
VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X.509 certificates, which allows man-in-the-middle malicious users to spoof SSL servers via a crafted certificate.
Vmware Vsphere Client 5.0
Vmware Vsphere Client 5.1
5.8
CVSSv3
CVE-2016-7458
VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote vCenter Server and ESXi instances to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Vmware Vsphere Client 5.5
Vmware Vsphere Client 6.0
5.4
CVSSv3
CVE-2019-5531
VMware vSphere ESXi (6.7 prior to ESXi670-201810101-SG, 6.5 prior to ESXi650-201811102-SG, and 6.0 prior to ESXi600-201807103-SG) and VMware vCenter Server (6.7 before 6.7 U1b, 6.5 before 6.5 U2b, and 6.0 before 6.0 U3j) contain an information disclosure vulnerability in clients ...
Vmware Esxi 6.7
Vmware Vsphere Esxi 6.7
Vmware Vsphere Esxi 6.5
Vmware Vsphere Esxi 6.0
Vmware Vcenter Server 6.0
Vmware Vcenter Server 6.7
Vmware Vcenter Server 6.5
NA
CVE-2012-1512
Cross-site scripting (XSS) vulnerability in the internal browser in vSphere Client in VMware vSphere 4.1 before Update 2 and 5.0 before Update 1 allows remote malicious users to inject arbitrary web script or HTML via a crafted log-file entry.
Vmware Vsphere
7.2
CVSSv3
CVE-2021-21976
vSphere Replication 8.3.x before 8.3.1.2, 8.2.x before 8.2.1.1, 8.1.x before 8.1.2.3 and 6.5.x before 6.5.1.5 contain a post-authentication command injection vulnerability which may allow an authenticated admin user to perform a remote code execution.
Vmware Vsphere Replication
NA
CVE-2013-1405
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 up to and including 4.1, and VMware ESX 3.5 up to and including 4.1 do not pro...
Vmware Vcenter Server 4.0
Vmware Vcenter Server 4.1
Vmware Virtualcenter 2.5
Vmware Vsphere Client 4.0
Vmware Vsphere Client 4.1
Vmware Vi-client 2.5
Vmware Esxi 4.1
Vmware Esxi 4.0
Vmware Esxi 3.5
Vmware Esx 3.5
Vmware Esx 4.1
Vmware Esx 4.0
9.8
CVSSv3
CVE-2017-4947
VMware vRealize Automation (7.3 and 7.2) and vSphere Integrated Containers (1.x prior to 1.3) contain a deserialization vulnerability via Xenon. Successful exploitation of this issue may allow remote malicious users to execute arbitrary code on the appliance.
Vmware Vrealize Automation 7.3.0
Vmware Vrealize Automation 7.2.0
Vmware Vsphere Integrated Containers
9.8
CVSSv3
CVE-2016-5711
NetApp Virtual Storage Console for VMware vSphere prior to 6.2.1 uses a non-unique certificate, which allows remote malicious users to conduct man-in-the-middle attacks via unspecified vectors.
Netapp Virtual Storage Console For Vmware Vsphere
4.7
CVSSv3
CVE-2019-3901
A race condition in perf_event_open() allows local malicious users to leak sensitive data from setuid programs. As no relevant locks (in particular the cred_guard_mutex) are held during the ptrace_may_access() call, it is possible for the specified target task to perform an execv...
Linux Linux Kernel
Debian Debian Linux 8.0
Netapp Vasa Provider For Clustered Data Ontap
Netapp Solidfire -
Netapp Hci Management Node -
Netapp Snapprotect -
Netapp Active Iq Unified Manager For Vmware Vsphere
Netapp Virtual Storage Console For Vmware Vsphere
Netapp Storage Replication Adapter For Clustered Data Ontap For Vmware Vsphere
Netapp Cn1610 Firmware -
5.5
CVSSv3
CVE-2023-39250
Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions before 6.1.1 and Replay Manager for VMware (RMSV) versions before 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentia...
Dell Replay Manager For Vmware
Dell Storage Vsphere Client Plugin
Dell Storage Integration Tools For Vmware
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-28995
CVE-2024-36680
CVE-2024-35537
unauthorized
CVE-2024-21518
CVE-2024-37673
cross-site scripting
SSRF
CVE-2024-6241
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »