Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vcenter server 7.0 vulnerabilities and exploits
(subscribe to this query)
4.6
CVSSv2
CVE-2021-21991
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client (HTML...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
4.3
CVSSv2
CVE-2014-4632
VMware vSphere Data Protection (VDP) 5.1, 5.5 prior to 5.5.9, and 5.8 prior to 5.8.1 and the proxy client in EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-t...
Vmware Vsphere Data Protection 5.5.7
Vmware Vsphere Data Protection 5.5.8
Vmware Vsphere Data Protection 5.5.1
Vmware Vsphere Data Protection 5.5.6
Vmware Vsphere Data Protection 5.1
Vmware Vsphere Data Protection 5.8.0
4.3
CVSSv2
CVE-2009-3731
Multiple cross-site scripting (XSS) vulnerabilities in WebWorks Help 2.0 up to and including 5.0 in VMware vCenter 4.0 before Update 1 Build 208156; VMware Server 2.0.2; VMware ESX 4.0; VMware Lab Manager 2.x; VMware vCenter Lab Manager 3.x and 4.x prior to 4.0.1; VMware Stage Ma...
Webworks Epublisher 2009.2
Webworks Epublisher 2009.1
Webworks Epublisher 9.1
Webworks Epublisher 9.0
Webworks Publisher 7.0
Webworks Publisher 8.0
Webworks Epublisher 2008.4
Webworks Epublisher 2008.3
Webworks Help 2.0
Webworks Help 3.0
Webworks Epublisher 2008.2
Webworks Epublisher 2008.1
Webworks Help 4.0
Webworks Help 5.0
Webworks Epublisher 9.3
Webworks Epublisher 9.2
Webworks Publisher 2003
Webworks Publisher 6.0
Vmware Vcenter 4.0
Vmware Esx Server 4.0
Vmware Lab Manager 2.0
Vmware Stage Manager
4
CVSSv2
CVE-2022-22948
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Cloud Foundation
Vmware Cloud Foundation 3.11
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
1 Github repository
4
CVSSv2
CVE-2021-21993
The vCenter Server contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to in...
Vmware Cloud Foundation
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
1 Article
2.1
CVSSv2
CVE-2021-22020
The vCenter Server contains a denial-of-service vulnerability in the Analytics service. Successful exploitation of this issue may allow an malicious user to create a denial-of-service condition on vCenter Server.
Vmware Cloud Foundation
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
2.1
CVSSv2
CVE-2021-22007
The vCenter Server contains a local information disclosure vulnerability in the Analytics service. An authenticated user with non-administrative privilege may exploit this issue to gain access to sensitive information.
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
NA
CVE-2023-34048
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.
Vmware Vcenter Server 7.0
Vmware Vcenter Server 8.0
Vmware Vcenter Server
1 Github repository
4 Articles
NA
CVE-2023-34056
vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.
Vmware Vcenter Server 7.0
Vmware Vcenter Server 8.0
Vmware Vcenter Server
1 Article
NA
CVE-2023-20896
The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of cer...
Vmware Vcenter Server 7.0
Vmware Vcenter Server
Vmware Vcenter Server 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »