Vmware Security Vulnerabilities
VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on Windows does not handle COM classes appropriately. Successful exploitation of this issue may allow hijacking of COM classes used by the VMX process, on a Windows host, leading to elevation of...
8.8CVSS
8.5AI Score
0.001EPSS
VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) running on Windows does not handle paths appropriately. Successful exploitation of this issue may allow the path to the VMX executable, on a Windows host, to be hijacked by a non-administrator leading to elevation of...
8.8CVSS
8.5AI Score
0.0004EPSS
VMware Horizon Connection Server (7.x before 7.8, 7.5.x before 7.5.2, 6.x before 6.2.8) contains an information disclosure vulnerability. Successful exploitation of this issue may allow disclosure of internal domain names, the Connection Server’s internal name, or the gateway’s internal IP...
5.3CVSS
5.1AI Score
0.001EPSS
A cross-site request forgery vulnerability in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers to initiate a connection to an attacker-specified...
6.5CVSS
6.3AI Score
0.001EPSS
A missing permission check in Jenkins VMware Lab Manager Slaves Plugin in the LabManager.DescriptorImpl#doTestConnection form validation method allows attackers with Overall/Read permission to initiate a connection to an attacker-specified...
6.5CVSS
6.2AI Score
0.001EPSS
Jenkins VMware vRealize Automation Plugin stores credentials unencrypted in job config.xml files on the Jenkins master where they can be viewed by users with Extended Read permission, or access to the master file...
8.8CVSS
8.6AI Score
0.003EPSS
VMware Workstation (14.x before 14.1.6) and Fusion (10.x before 10.1.6) contain an out-of-bounds write vulnerability in the e1000 virtual network adapter. This issue may allow a guest to execute code on the...
8.8CVSS
8.7AI Score
0.003EPSS
VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) and Fusion (11.x before 11.0.3, 10.x before 10.1.6) updates address an out-of-bounds write vulnerability in the e1000 and e1000e virtual network adapters. Exploitation of this issue may lead to code execution on the host from the guest...
8.8CVSS
8.7AI Score
0.007EPSS
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI...
6.8CVSS
7.5AI Score
0.007EPSS
VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain an out-of-bounds read/write vulnerability in the virtual USB 1.1 UHCI (Universal...
6.8CVSS
7.5AI Score
0.008EPSS
VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain unauthenticated APIs accessible through a web socket. An attacker may exploit this issue by tricking the host user to execute a JavaScript to perform unauthorized functions on the guest machine where VMware.....
8.8CVSS
8.7AI Score
0.085EPSS
VMware vCloud Director for Service Providers 9.5.x prior to 9.5.0.3 update resolves a Remote Session Hijack vulnerability in the Tenant and Provider Portals. Successful exploitation of this issue may allow a malicious actor to access the Tenant or Provider Portals by impersonating a currently...
9.8CVSS
9.4AI Score
0.054EPSS
The SCTP socket buffer used by a userspace application is not accounted by the cgroups subsystem. An attacker can use this flaw to cause a denial of service attack. Kernel 3.10.x and 4.18.x branches are believed to be...
6.5CVSS
6.7AI Score
0.004EPSS
A vulnerability in the network stack of Cisco NX-OS Software could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition on the affected device. The vulnerability is due to an issue with allocating and freeing memory buffers in the network stack. An attacker could.....
8.6CVSS
8.4AI Score
0.002EPSS
A vulnerability in the 802.1X implementation for Cisco NX-OS Software could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected device. The vulnerability is due to incomplete input validation of Extensible Authentication Protocol over LAN (EAPOL)....
7.4CVSS
7.4AI Score
0.001EPSS
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to...
6.5CVSS
7.2AI Score
0.001EPSS
VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below contain uninitialized stack memory usage in the...
8.8CVSS
8.7AI Score
0.001EPSS
LXCI for VMware versions prior to 5.5 and LXCI for Microsoft System Center versions prior to 3.5, allow an authenticated user to write to any system file due to insufficient sanitization during the upload of a...
6.5CVSS
6.3AI Score
0.001EPSS
In versions prior to 5.5, LXCI for VMware allows an authenticated user to download any system file due to insufficient input sanitization during file...
6.5CVSS
6.3AI Score
0.001EPSS
In versions prior to 5.5, LXCI for VMware allows an authenticated user to write to any system file due to insufficient sanitization during the upload of a backup...
6.5CVSS
6.3AI Score
0.001EPSS
VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5) contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the...
8.8CVSS
8.8AI Score
0.0004EPSS
VMware vRealize Log Insight (4.7.x before 4.7.1 and 4.6.x before 4.6.2) contains a vulnerability due to improper authorization in the user registration method. Successful exploitation of this issue may allow Admin users with view only permission to perform certain administrative functions which...
7.2CVSS
6.8AI Score
0.001EPSS
IBM Spectrum Protect 7.1 and 8.1 dsmc and dsmcad processes incorrectly accumulate TCP/IP sockets in a CLOSE_WAIT state. This can cause TCP/IP resource leakage and may result in a denial of service. IBM X-Force ID:...
7.5CVSS
7.2AI Score
0.002EPSS
The VMware Workspace ONE Unified Endpoint Management Console (A/W Console) 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML authentication bypass...
7.4CVSS
7.3AI Score
0.001EPSS
VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a...
6.5CVSS
6AI Score
0.003EPSS
VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may lead to information disclosure or may allow attackers to escalate their privileges on the guest VMs. In order to be able to exploit this issue, file sharing...
7CVSS
6.6AI Score
0.001EPSS
VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user...
8.1CVSS
7.4AI Score
0.002EPSS
VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user...
8.1CVSS
7.4AI Score
0.002EPSS
VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user...
8.1CVSS
7.4AI Score
0.002EPSS
VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 1.3.7-CR1_2, 1.1.0-CR0-3, 1.1.0-CR3_1,1.4.2-CR4_1, and 1.5.4_8, contains an authentication bypass vulnerability due to insufficient access controls for utility endpoints. Successful exploitation of this issue may result in information...
7.5CVSS
7.4AI Score
0.004EPSS
It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root...
7.8CVSS
7.7AI Score
0.001EPSS
The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are...
7.8CVSS
7.3AI Score
0.0004EPSS
Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not...
7CVSS
6.7AI Score
0.0004EPSS
VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnerability that could allow an escalation of privilege from the launcher UI context menu to native UI functionality and privilege. Successful exploitation of this issue could result in an escalation of...
7.8CVSS
7.7AI Score
0.001EPSS
VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add malicious data to an enrolled device's log files. Successful exploitation of this issue could result in an unsuspecting AWC user opening a CSV file which contains malicious...
7.8CVSS
7.3AI Score
0.001EPSS
VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add a malicious URL to an enrolled device's 'Links' page. Successful exploitation of this issue could result in an unsuspecting AWC user being redirected to a malicious...
5.4CVSS
5.8AI Score
0.001EPSS
In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root...
7CVSS
6.8AI Score
0.001EPSS
An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 4.0.24 and earlier allows a non-root user to obtain a root...
7.8CVSS
7.4AI Score
0.001EPSS
HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges by overwriting one of the...
8.8CVSS
8.6AI Score
0.001EPSS
The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH...
7.8CVSS
7.6AI Score
0.001EPSS
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to...
9CVSS
9AI Score
0.005EPSS
VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. Successful exploitation of this issue may result in a local privilege escalation....
6.7CVSS
6.4AI Score
0.0004EPSS
IBM Tivoli Storage Manager for Virtual Environments 7.1 (VMware) is vulnerable to cross-site request forgery which could allow an attacker to execute malicious and unauthorized actions transmitted from a user that the website trusts. IBM Reference #:...
8.8CVSS
8.6AI Score
0.001EPSS
NetApp Virtual Storage Console for VMware vSphere before 6.2.1 uses a non-unique certificate, which allows remote attackers to conduct man-in-the-middle attacks via unspecified...
9.8CVSS
9.1AI Score
0.003EPSS
IBM Tivoli Storage Manager discloses unencrypted login credentials to Vmware vCenter that could be obtained by a local...
6.5CVSS
6.2AI Score
0.0004EPSS
IBM Tivoli Storage Manager for Virtual Environments (VMware) could disclose the Windows domain credentials to a user with a high level of...
6.8CVSS
6.4AI Score
0.001EPSS
Cisco NX-OS 4.0 through 7.3 and 11.0 through 11.2 on 1000v, 2000, 3000, 3500, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote attackers to cause a denial of service (device reload) by leveraging a peer relationship to send a crafted BGP UPDATE message, aka Bug IDs CSCuq77105 and....
6.5CVSS
6.3AI Score
0.003EPSS
Cisco NX-OS 4.0 through 7.3 on Multilayer Director and Nexus 1000V, 2000, 3000, 3500, 4000, 5000, 5500, 5600, 6000, 7000, 7700, and 9000 devices allows remote authenticated users to bypass intended AAA restrictions and obtain privileged CLI access via crafted parameters in an SSH connection...
8CVSS
7.3AI Score
0.002EPSS
The Data Protection component in the VMware vSphere GUI in IBM Tivoli Storage Manager for Virtual Environments: Data Protection for VMware (aka Spectrum Protect for Virtual Environments) 6.3 before 6.3.2.5, 6.4 before 6.4.3.1, and 7.1 before 7.1.4 and Tivoli Storage FlashCopy Manager for VMware...
10CVSS
9AI Score
0.009EPSS
Unspecified vulnerability in Oracle MySQL Server 5.6.23 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : Security :...
5.2AI Score
0.003EPSS