Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware cloud foundation vulnerabilities and exploits
(subscribe to this query)
5
CVSSv2
CVE-2021-21973
The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leadi...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
10 Github repositories
1 Article
5.8
CVSSv2
CVE-2021-21974
OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the he...
Vmware Cloud Foundation
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Esxi 7.0.0
5 Github repositories
4 Articles
2.1
CVSSv2
CVE-2020-3999
VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x before 16.0 and 15.x before 15.5.7), VMware Fusion (12.x before 12.0 and 11.x before 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo...
Vmware Workstation
Vmware Esxi
Vmware Fusion
9
CVSSv2
CVE-2020-4006
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
Vmware Identity Manager 3.3.1
Vmware Identity Manager 3.3.2
Vmware Identity Manager 3.3.3
Vmware Identity Manager Connector 3.3.1
Vmware Identity Manager Connector 3.3.2
Vmware One Access 20.01
Vmware One Access 20.10
Vmware Identity Manager Connector 3.3.3
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 4.0.1
Vmware Vrealize Suite Lifecycle Manager
2 Articles
4.6
CVSSv2
CVE-2020-4004
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x prior to 15.5.7), Fusion (11.x prior to 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local adminis...
Vmware Fusion
Vmware Cloud Foundation
Vmware Workstation
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Esxi 7.0
1 Article
7.2
CVSSv2
CVE-2020-4005
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only...
Vmware Cloud Foundation
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Esxi 7.0
1 Article
10
CVSSv2
CVE-2020-3992
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trig...
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Cloud Foundation
Vmware Esxi 7.0.0
3 Github repositories
1 Article
3.5
CVSSv2
CVE-2020-3981
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x prior to 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious a...
Vmware Cloud Foundation
Vmware Workstation
Vmware Esxi 7.0.0
Vmware Fusion
Vmware Esxi 6.5
Vmware Esxi 6.7
1 Article
4.9
CVSSv2
CVE-2020-3982
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x prior to 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious ...
Vmware Esxi 7.0.0
Vmware Esxi 6.7
Vmware Esxi 6.5
Vmware Cloud Foundation
Vmware Workstation
Vmware Workstation Player
Vmware Fusion
1 Article
4.3
CVSSv2
CVE-2020-3993
VMware NSX-T (3.x prior to 3.0.2, 2.5.x prior to 2.5.2.2.0) contains a security vulnerability that exists in the way it allows a KVM host to download and install packages from NSX manager. A malicious actor with MITM positioning may be able to exploit this issue to compromise the...
Vmware Cloud Foundation
Vmware Nsx-t Data Center
1 Article
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
inject
CVE-2024-34001
CVE-2024-37018
LFI
CVE-2024-1275
CVE-2024-1086
CSRF
CVE-2024-31030
CVE-2024-24919
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »