Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-20168
A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local malicious user to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication ...
Cisco Nx-os 9.3\\(11\\)
Cisco Nx-os 10.2\\(5\\)
Cisco Nx-os -
NA
CVE-2023-39250
Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions before 6.1.1 and Replay Manager for VMware (RMSV) versions before 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentia...
Dell Replay Manager For Vmware
Dell Storage Vsphere Client Plugin
Dell Storage Integration Tools For Vmware
NA
CVE-2023-34037
VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests.
Vmware Horizon Client 2212
Vmware Horizon Client 2006
Vmware Horizon Client 2012
Vmware Horizon Client 2103
Vmware Horizon Client 2106
Vmware Horizon Client 2111
Vmware Horizon Client 2111.1
Vmware Horizon Client 2203
1 Github repository
NA
CVE-2023-34038
VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration.
Vmware Horizon Client 2212
Vmware Horizon Client 2006
Vmware Horizon Client 2012
Vmware Horizon Client 2103
Vmware Horizon Client 2106
Vmware Horizon Client 2111
Vmware Horizon Client 2111.1
Vmware Horizon Client 2203
1 Github repository
NA
CVE-2023-20891
The VMware Tanzu Application Service for VMs and Isolation Segment contain an information disclosure vulnerability due to the logging of credentials in hex encoding in platform system audit logs. A malicious non-admin user who has access to the platform system audit logs can acce...
Vmware Isolation Segment
Vmware Tanzu Application Service For Virtual Machines
NA
CVE-2023-34034
Using "**" as a pattern in Spring Security configuration for WebFlux creates a mismatch in pattern matching between Spring Security and Spring WebFlux, and the potential for a security bypass.
Vmware Spring Security
1 Github repository
NA
CVE-2023-34035
Spring Security versions 5.8 before 5.8.5, 6.0 before 6.0.5, and 6.1 before 6.1.2 could be susceptible to authorization rule misconfiguration if the application uses requestMatchers(String) and multiple servlets, one of them being Spring MVC’s DispatcherServlet. (Dispatcher...
Vmware Spring Security
4 Github repositories
NA
CVE-2023-34036
Reactive web applications that use Spring HATEOAS to produce hypermedia-based responses might be exposed to malicious forwarded headers if they are not behind a trusted proxy that ensures correctness of such headers, or if they don't have anything else in place to handle (a...
Vmware Spring Hateoas 2.1.0
Vmware Spring Hateoas
NA
CVE-2023-20899
VMware SD-WAN (Edge) contains a bypass authentication vulnerability. An unauthenticated attacker can download the Diagnostic bundle of the application under VMware SD-WAN Management.
Vmware Sd-wan Edge Firmware
NA
CVE-2023-20896
The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of cer...
Vmware Vcenter Server 7.0
Vmware Vcenter Server
Vmware Vcenter Server 8.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »