Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34043
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.
Vmware Cloud Foundation
Vmware Cloud Foundation 5.0
Vmware Aria Operations 8.10.0
Vmware Aria Operations 8.6.0
Vmware Aria Operations 8.12.0
NA
CVE-2023-34047
A batch loader function in Spring for GraphQL versions 1.1.0 - 1.1.5 and 1.2.0 - 1.2.2 may be exposed to GraphQL context with values, including security context values, from a different session. An application is vulnerable if it provides a DataLoaderOptions instance when registe...
Vmware Spring For Graphql
NA
CVE-2023-20900
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has ...
Vmware Tools
Vmware Open Vm Tools
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp Ontap Select Deploy Administration Utility -
NA
CVE-2023-34039
Aria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique cryptographic key generation. A malicious actor with network access to Aria Operations for Networks could bypass SSH authentication to gain access to the Aria Operations for Netwo...
Vmware Aria Operations For Networks
3 Github repositories
NA
CVE-2023-20890
Aria Operations for Networks contains an arbitrary file write vulnerability. An authenticated malicious actor with administrative access to VMware Aria Operations for Networks can write files to arbitrary locations resulting in remote code execution.
Vmware Aria Operations For Networks
NA
CVE-2023-34040
In Spring for Apache Kafka 3.0.9 and previous versions and versions 2.9.10 and previous versions, a possible deserialization attack vector existed, but only if unusual configuration was applied. An attacker would have to construct a malicious serialized object in one of the deser...
Vmware Spring For Apache Kafka
4 Github repositories
NA
CVE-2023-20168
A vulnerability in TACACS+ and RADIUS remote authentication for Cisco NX-OS Software could allow an unauthenticated, local malicious user to cause an affected device to unexpectedly reload. This vulnerability is due to incorrect input validation when processing an authentication ...
Cisco Nx-os 9.3\\(11\\)
Cisco Nx-os 10.2\\(5\\)
Cisco Nx-os -
NA
CVE-2023-39250
Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions before 6.1.1 and Replay Manager for VMware (RMSV) versions before 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentia...
Dell Replay Manager For Vmware
Dell Storage Vsphere Client Plugin
Dell Storage Integration Tools For Vmware
NA
CVE-2023-34037
VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests.
Vmware Horizon Client 2212
Vmware Horizon Client 2006
Vmware Horizon Client 2012
Vmware Horizon Client 2103
Vmware Horizon Client 2106
Vmware Horizon Client 2111
Vmware Horizon Client 2111.1
Vmware Horizon Client 2203
1 Github repository
NA
CVE-2023-34038
VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration.
Vmware Horizon Client 2212
Vmware Horizon Client 2006
Vmware Horizon Client 2012
Vmware Horizon Client 2103
Vmware Horizon Client 2106
Vmware Horizon Client 2111
Vmware Horizon Client 2111.1
Vmware Horizon Client 2203
1 Github repository
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »