Filtered by vendor Vmware
Subscriptions
Total
947 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2025-22244 | 2 Broadcom, Vmware | 4 Vmware Nsx, Cloud Foundation, Telco Cloud Infrastructure and 1 more | 2025-07-14 | 6.9 Medium |
| VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation. | ||||
| CVE-2025-22245 | 2 Broadcom, Vmware | 4 Vmware Nsx, Cloud Foundation, Telco Cloud Infrastructure and 1 more | 2025-07-14 | 5.9 Medium |
| VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation. | ||||
| CVE-2025-22249 | 1 Vmware | 3 Aria Automation, Cloud Foundation, Telco Cloud Platform | 2025-07-11 | 8.2 High |
| VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL. | ||||
| CVE-2024-37087 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2025-06-27 | 5.3 Medium |
| The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition. | ||||
| CVE-2024-37086 | 1 Vmware | 2 Cloud Foundation, Esxi | 2025-06-27 | 6.8 Medium |
| VMware ESXi contains an out-of-bounds read vulnerability. A malicious actor with local administrative privileges on a virtual machine with an existing snapshot may trigger an out-of-bounds read leading to a denial-of-service condition of the host. | ||||
| CVE-2024-22275 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2025-06-27 | 4.9 Medium |
| The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data. | ||||
| CVE-2024-22274 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2025-06-27 | 7.2 High |
| The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system. | ||||
| CVE-2024-22270 | 2 Apple, Vmware | 3 Macos, Fusion, Workstation | 2025-06-27 | 7.1 High |
| VMware Workstation and Fusion contain an information disclosure vulnerability in the Host Guest File Sharing (HGFS) functionality. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. | ||||
| CVE-2024-22269 | 2 Apple, Vmware | 3 Macos, Fusion, Workstation | 2025-06-27 | 7.1 High |
| VMware Workstation and Fusion contain an information disclosure vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. | ||||
| CVE-2025-41229 | 1 Vmware | 1 Cloud Foundation | 2025-06-24 | 8.2 High |
| VMware Cloud Foundation contains a directory traversal vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain internal services. | ||||
| CVE-2025-41230 | 1 Vmware | 1 Cloud Foundation | 2025-06-24 | 7.5 High |
| VMware Cloud Foundation contains an information disclosure vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to gain access to sensitive information. | ||||
| CVE-2025-41228 | 1 Vmware | 2 Esxi, Vcenter Server | 2025-06-24 | 4.3 Medium |
| VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious websites. | ||||
| CVE-2025-41227 | 1 Vmware | 3 Esxi, Fusion, Workstation | 2025-06-24 | 5.5 Medium |
| VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory of the host process leading to a denial-of-service condition. | ||||
| CVE-2025-41226 | 1 Vmware | 1 Esxi | 2025-06-24 | 6.8 Medium |
| VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to create a denial-of-service condition of guest VMs with VMware Tools running and guest operations enabled. | ||||
| CVE-2025-41225 | 1 Vmware | 1 Vcenter Server | 2025-06-24 | 8.8 High |
| The vCenter Server contains an authenticated command-execution vulnerability. A malicious actor with privileges to create or modify alarms and run script action may exploit this issue to run arbitrary commands on the vCenter Server. | ||||
| CVE-2024-22233 | 1 Vmware | 1 Spring Framework | 2025-06-20 | 7.5 High |
| In Spring Framework versions 6.0.15 and 6.1.2, it is possible for a user to provide specially crafted HTTP requests that may cause a denial-of-service (DoS) condition. Specifically, an application is vulnerable when all of the following are true: * the application uses Spring MVC * Spring Security 6.1.6+ or 6.2.1+ is on the classpath Typically, Spring Boot applications need the org.springframework.boot:spring-boot-starter-web and org.springframework.boot:spring-boot-starter-security dependencies to meet all conditions. | ||||
| CVE-2024-37081 | 1 Vmware | 2 Cloud Foundation, Vcenter Server | 2025-06-20 | 7.8 High |
| The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server Appliance. | ||||
| CVE-2023-34063 | 1 Vmware | 2 Aria Automation, Cloud Foundation | 2025-06-20 | 9.9 Critical |
| Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows. | ||||
| CVE-2024-38808 | 3 Netapp, Redhat, Vmware | 5 Active Iq Unified Manager, Oncommand Insight, Apache Camel Spring Boot and 2 more | 2025-06-18 | 4.3 Medium |
| In Spring Framework versions 5.3.0 - 5.3.38 and older unsupported versions, it is possible for a user to provide a specially crafted Spring Expression Language (SpEL) expression that may cause a denial of service (DoS) condition. Specifically, an application is vulnerable when the following is true: * The application evaluates user-supplied SpEL expressions. | ||||
| CVE-2025-41234 | 1 Vmware | 1 Spring Framework | 2025-06-16 | 6.5 Medium |
| Description In Spring Framework, versions 6.0.x as of 6.0.5, versions 6.1.x and 6.2.x, an application is vulnerable to a reflected file download (RFD) attack when it sets a “Content-Disposition” header with a non-ASCII charset, where the filename attribute is derived from user-supplied input. Specifically, an application is vulnerable when all the following are true: * The header is prepared with org.springframework.http.ContentDisposition. * The filename is set via ContentDisposition.Builder#filename(String, Charset). * The value for the filename is derived from user-supplied input. * The application does not sanitize the user-supplied input. * The downloaded content of the response is injected with malicious commands by the attacker (see RFD paper reference for details). An application is not vulnerable if any of the following is true: * The application does not set a “Content-Disposition” response header. * The header is not prepared with org.springframework.http.ContentDisposition. * The filename is set via one of: * ContentDisposition.Builder#filename(String), or * ContentDisposition.Builder#filename(String, ASCII) * The filename is not derived from user-supplied input. * The filename is derived from user-supplied input but sanitized by the application. * The attacker cannot inject malicious content in the downloaded content of the response. Affected Spring Products and VersionsSpring Framework: * 6.2.0 - 6.2.7 * 6.1.0 - 6.1.20 * 6.0.5 - 6.0.28 * Older, unsupported versions are not affected MitigationUsers of affected versions should upgrade to the corresponding fixed version. Affected version(s)Fix versionAvailability6.2.x6.2.8OSS6.1.x6.1.21OSS6.0.x6.0.29 Commercial https://enterprise.spring.io/ No further mitigation steps are necessary. CWE-113 in `Content-Disposition` handling in VMware Spring Framework versions 6.0.5 to 6.2.7 allows remote attackers to launch Reflected File Download (RFD) attacks via unsanitized user input in `ContentDisposition.Builder#filename(String, Charset)` with non-ASCII charsets. | ||||