Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vulnerabilities and exploits
(subscribe to this query)
7.1
CVSSv3
CVE-2024-21840
Incorrect Default Permissions vulnerability in Hitachi Storage Plug-in for VMware vCenter allows local users to read and write specific files. This issue affects Hitachi Storage Plug-in for VMware vCenter: from 04.0.0 up to and including 04.9.2.
Hitachi Storage Plug-in
7.5
CVSSv3
CVE-2024-22233
In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC...
Vmware Spring Framework 6.1.2
Vmware Spring Framework 6.0.15
8.3
CVSSv3
CVE-2023-34063
Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows.
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 5.0
Vmware Aria Automation 8.11.0
Vmware Aria Automation 8.11.1
Vmware Aria Automation 8.11.2
Vmware Aria Automation 8.12.2
Vmware Aria Automation 8.12.0
Vmware Aria Automation 8.12.1
Vmware Aria Automation 8.13.0
Vmware Aria Automation 8.13.1
Vmware Aria Automation 8.14.1
Vmware Aria Automation 8.14.0
1 Article
9.8
CVSSv3
CVE-2023-22527
A template injection vulnerability on older versions of Confluence Data Center and Server allows an unauthenticated malicious user to achieve RCE on an affected instance. Customers using an affected version must take immediate action. Most recent supported versions of Confluence ...
Atlassian Confluence Data Center
Atlassian Confluence Server
27 Github repositories
2 Articles
7.8
CVSSv3
CVE-2022-22942
The vmwgfx driver contains a local privilege escalation vulnerability that allows unprivileged users to gain access to files opened by other processes on the system through a dangling 'file' pointer.
Vmware Photon Os 4.0
Vmware Photon Os 3.0
4.6
CVSSv3
CVE-2023-34064
Workspace ONE Launcher contains a Privilege Escalation Vulnerability. A malicious actor with physical access to Workspace ONE Launcher could utilize the Edge Panel feature to bypass setup to gain access to sensitive information.
Vmware Workspace One Launcher
1 Article
7.5
CVSSv3
CVE-2023-34053
In Spring Framework versions 6.0.0 - 6.0.13, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC o...
Vmware Spring Framework
6.5
CVSSv3
CVE-2023-34055
In Spring Boot versions 2.7.0 - 2.7.17, 3.0.0-3.0.12 and 3.1.0-3.1.5, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the appl...
Vmware Spring Boot
9.8
CVSSv3
CVE-2023-34060
VMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud Director Appliance was upgraded to 10.5 from an older version. On an upgraded version of VMware Cloud Director Appliance 10.5, a malicious actor with network access to the applian...
Vmware Cloud Director
1 Github repository
1 Article
6.1
CVSSv3
CVE-2023-20886
VMware Workspace ONE UEM console contains an open redirect vulnerability. A malicious actor may be able to redirect a victim to an attacker and retrieve their SAML response to login as the victim user.
Vmware Workspace One Uem
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
cross-site scripting
CVE-2024-5158
XML external entity
CVE-2024-4262
CVE-2024-2036
CVE-2024-4985
CVE-2024-21791
remote attackers
CVE-2023-43208
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »