Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vulnerabilities and exploits
(subscribe to this query)
9.3
CVSSv2
CVE-2007-5025
Unspecified vulnerability in EMC VMware ACE prior to 1.0.3 Build 54075 allows malicious users to have an unknown impact via an unspecified manipulation of "images stored in virtual machines downloaded by the user."
Vmware Ace 1.0.3 Build 54075
9.3
CVSSv2
CVE-2007-4155
Absolute path traversal vulnerability in a certain ActiveX control in vielib.dll in EMC VMware 6.0.0 allows remote malicious users to execute arbitrary local programs via a full pathname in the first two arguments to the (1) CreateProcess or (2) CreateProcessEx method.
Emc Vmware 6.0.0
1 EDB exploit
9
CVSSv2
CVE-2022-0435
A stack overflow flaw was found in the Linux kernel's TIPC protocol functionality in the way a user sends a packet with malicious content where the number of domain member nodes is higher than the 64 allowed. This flaw allows a remote user to crash the system or possibly esc...
Linux Linux Kernel 5.17
Linux Linux Kernel
Redhat Enterprise Linux 8.0
Redhat Enterprise Linux Eus 8.2
Redhat Enterprise Linux Server Tus 8.2
Redhat Enterprise Linux Server Aus 8.2
Redhat Enterprise Linux For Real Time 8
Redhat Enterprise Linux Server Tus 8.4
Redhat Enterprise Linux Eus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.4
Redhat Enterprise Linux For Real Time For Nfv Tus 8.2
Redhat Enterprise Linux For Real Time Tus 8.4
Redhat Enterprise Linux For Real Time Tus 8.2
Redhat Enterprise Linux Server Aus 8.4
Redhat Enterprise Linux For Real Time For Nfv 8
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.2
Redhat Enterprise Linux Server Update Services For Sap Solutions 8.4
Redhat Enterprise Linux For Power Little Endian Eus 8.2
Redhat Enterprise Linux For Ibm Z Systems Eus 8.2
Redhat Enterprise Linux For Power Little Endian 8.0
Redhat Enterprise Linux For Ibm Z Systems Eus 8.4
Redhat Enterprise Linux For Ibm Z Systems 8.0
1 Github repository
9
CVSSv2
CVE-2022-22951
VMware Carbon Black App Control (8.5.x before 8.5.14, 8.6.x before 8.6.6, 8.7.x before 8.7.4 and 8.8.x before 8.8.2) contains an OS command injection vulnerability. An authenticated, high privileged malicious actor with network access to the VMware App Control administration inte...
Vmware Carbon Black App Control
1 Article
9
CVSSv2
CVE-2022-22952
VMware Carbon Black App Control (8.5.x before 8.5.14, 8.6.x before 8.6.6, 8.7.x before 8.7.4 and 8.8.x before 8.8.2) contains a file upload vulnerability. A malicious actor with administrative access to the VMware App Control administration interface may be able to execute code o...
Vmware Carbon Black App Control
1 Article
9
CVSSv2
CVE-2021-22014
The vCenter Server contains an authenticated code execution vulnerability in VAMI (Virtual Appliance Management Infrastructure). An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system...
Vmware Cloud Foundation
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
9
CVSSv2
CVE-2021-22112
Spring Security 5.4.x before 5.4.4, 5.3.x before 5.3.8.RELEASE, 5.2.x before 5.2.9.RELEASE, and older unsupported versions can fail to save the SecurityContext if it is changed more than once in a single request.A malicious user cannot cause the bug to happen (it must be programm...
Vmware Spring Security
Pivotal Software Spring Security
Oracle Hospitality Cruise Shipboard Property Management System 20.1.0
Oracle Communications Interactive Session Recorder 6.3
Oracle Communications Interactive Session Recorder 6.4
Oracle Communications Unified Inventory Management 7.4.1
Oracle Insurance Policy Administration 11.3.0
Oracle Insurance Policy Administration 11.2.0
Oracle Communications Element Manager
Oracle Mysql Enterprise Monitor
1 Github repository
9
CVSSv2
CVE-2020-4006
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
Vmware Identity Manager 3.3.1
Vmware Identity Manager 3.3.2
Vmware Identity Manager 3.3.3
Vmware Identity Manager Connector 3.3.1
Vmware Identity Manager Connector 3.3.2
Vmware One Access 20.01
Vmware One Access 20.10
Vmware Identity Manager Connector 3.3.3
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 4.0.1
Vmware Vrealize Suite Lifecycle Manager
2 Articles
9
CVSSv2
CVE-2020-24045
A sandbox escape issue exists in TitanHQ SpamTitan Gateway 7.07. It limits the admin user to a restricted shell, allowing execution of a small number of tools of the operating system. The restricted shell can be bypassed by presenting a fake vmware-tools ISO image to the guest vi...
Titanhq Spamtitan 7.07
9
CVSSv2
CVE-2019-5515
VMware Workstation (15.x prior to 15.0.3, 14.x prior to 14.1.6) and Fusion (11.x prior to 11.0.3, 10.x prior to 10.1.6) updates address an out-of-bounds write vulnerability in the e1000 and e1000e virtual network adapters. Exploitation of this issue may lead to code execution on ...
Vmware Workstation
Vmware Fusion
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »