Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2023-20887
Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.
Vmware Vrealize Network Insight
1 Metasploit module
4 Github repositories
1 Article
9.8
CVSSv3
CVE-2023-20864
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root.
Vmware Cloud Foundation
Vmware Aria Operations For Logs
9.8
CVSSv3
CVE-2023-20873
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6...
Vmware Spring Boot
9.8
CVSSv3
CVE-2022-31704
The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution.
Vmware Vrealize Log Insight
2 Github repositories
1 Article
9.8
CVSSv3
CVE-2022-31706
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.
Vmware Vrealize Log Insight
2 Github repositories
9.8
CVSSv3
CVE-2022-31702
vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication.
Vmware Vrealize Network Insight 6.5.1
Vmware Vrealize Network Insight 6.2.0
Vmware Vrealize Network Insight 6.3.0
Vmware Vrealize Network Insight 6.4.0
Vmware Vrealize Network Insight 6.6.0
Vmware Vrealize Network Insight 6.7.0
1 Article
9.8
CVSSv3
CVE-2022-38651
A security filter misconfiguration exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to bypass some authentication requirements when issuing requests to Hyperic Server. NOTE: This vulnerability only affects products that are no lo...
Vmware Hyperic Server 5.8.6
9.8
CVSSv3
CVE-2022-31685
VMware Workspace ONE Assist before 22.10 contains an Authentication Bypass vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.
Vmware Workspace One Assist
1 Article
9.8
CVSSv3
CVE-2022-31686
VMware Workspace ONE Assist before 22.10 contains a Broken Authentication Method vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.
Vmware Workspace One Assist
1 Article
9.8
CVSSv3
CVE-2022-31687
VMware Workspace ONE Assist before 22.10 contains a Broken Access Control vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application.
Vmware Workspace One Assist
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »