Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vcenter server 6.7 vulnerabilities and exploits
(subscribe to this query)
7.4
CVSSv3
CVE-2020-3994
VMware vCenter Server (6.7 prior to 6.7u3, 6.6 prior to 6.5u3k) contains a session hijack vulnerability in the vCenter Server Appliance Management Interface update function due to a lack of certificate validation. A malicious actor with network positioning between vCenter Server ...
Vmware Cloud Foundation
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
7.5
CVSSv3
CVE-2021-21980
The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Cloud Foundation 3.0
3 Github repositories
6.5
CVSSv3
CVE-2022-22948
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Cloud Foundation
Vmware Cloud Foundation 3.11
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
1 Github repository
9.8
CVSSv3
CVE-2020-3952
Under certain conditions, vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller (PSC), does not correctly implement access controls.
Vmware Vcenter Server 6.7
5 Github repositories
2 Articles
5.3
CVSSv3
CVE-2021-22017
Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to bypass proxy leading to internal endpoints being accessed.
Vmware Vcenter Server 6.7
1 Article
6.1
CVSSv3
CVE-2021-22016
The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link.
Vmware Cloud Foundation
Vmware Vcenter Server 6.7
5.3
CVSSv3
CVE-2022-31698
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header.
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 4.0.1
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
Vmware Cloud Foundation 3.7.2
Vmware Cloud Foundation 3.8
Vmware Cloud Foundation 3.8.1
Vmware Cloud Foundation 3.9
Vmware Cloud Foundation 3.9.1
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.1
Vmware Cloud Foundation 4.2.1
Vmware Cloud Foundation 4.1.0.1
Vmware Cloud Foundation 3.11
1 Article
8.8
CVSSv3
CVE-2022-31696
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Cloud Foundation
Vmware Esxi 7.0
Vmware Cloud Foundation 4.4.1
Vmware Cloud Foundation 4.4.1.1
Vmware Cloud Foundation 4.4
Vmware Cloud Foundation 4.5
Vmware Cloud Foundation 4.76
Vmware Cloud Foundation 3.11
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.3.11
1 Article
3.3
CVSSv3
CVE-2022-31699
VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure.
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Esxi 7.0
Vmware Cloud Foundation 4.0.1
Vmware Cloud Foundation 3.0.1
Vmware Cloud Foundation 3.0.1.1
Vmware Cloud Foundation 3.5
Vmware Cloud Foundation 3.5.1
Vmware Cloud Foundation 3.7
Vmware Cloud Foundation 3.7.1
Vmware Cloud Foundation 3.7.2
Vmware Cloud Foundation 3.8
Vmware Cloud Foundation 3.8.1
Vmware Cloud Foundation 3.9
Vmware Cloud Foundation 3.9.1
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.1
Vmware Cloud Foundation 4.2.1
Vmware Cloud Foundation 4.1.0.1
Vmware Cloud Foundation 3.0
Vmware Cloud Foundation 4.0
Vmware Cloud Foundation 3.11
1 Article
6.5
CVSSv3
CVE-2020-3592
A vulnerability in the web-based management interface of Cisco SD-WAN vManage Software could allow an authenticated, remote malicious user to bypass authorization and modify the configuration of an affected system. The vulnerability is due to insufficient authorization checking o...
Cisco Sd-wan Vmanage
Cisco Catalyst Sd-wan Manager 20.3.1
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
CVE-2006-4304
wireless
CVE-2023-23022
local file inclusion
CVE-2024-27058
CVE-2024-33820
open redirect
CVE-2024-27079
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »