VMware Workspace ONE Access - Authentication Bypass

VMware Workspace ONE Access has two authentication bypass vulnerabilities CVE-2022-22955 & CVE-2022-22956 in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framework. id: CVE-2022-22956...

VMware Aria Operations for Logs - Unauthenticated Remote Code Execution

VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root. id: CVE-2023-20864 info: name: VMware Aria Operations for Logs - Unauthenticated Remo...

VMware View Planner <4.6 SP1- Remote Code Execution

VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability due to improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could...

VMware Workspace ONE Access/Identity Manager/vRealize Automation - Authentication Bypass

VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate. id: CVE-2022-22972 info:...

VMWare Cloud Foundation NSX-V - XML External Entity (XXE)

VMware Cloud Foundation NSX-V contains an XML External Entity XXE vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure. id: CVE-2022-31678 info: name: VMWare Cloud...

VMware vCenter Server - Arbitrary File Upload

VMware vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file. id: CVE-2021-22005 info: name: VMware...

PT-2026-47259

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

VMSA-2026-0004: VMware Cloud Foundation Operations updates address multiple vulnerabilities (CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724)

Advisory ID: | VMSA-2026-0004 ---|--- Advisory Severity: | Important CVSSv3 Range: | 8.0 Synopsis: | VMware Cloud Foundation Operations updates address multiple vulnerabilities CVE-2026-41722, CVE-2026-41723 and CVE-2026-41724 Issue date: | 2026-06-08 Updated on: | 2026-06-08 Initial advisory CVE...

PT-2026-47261

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

Spring Cloud Netflix - Server-Side Request Forgery

Spring Cloud Netflix 2.2.x prior to 2.2.4, 2.1.x prior to 2.1.6, and older unsupported versions are susceptible to server-side request forgery. Applications can use the Hystrix Dashboard proxy.stream endpoint to make requests to any server reachable by the server hosting the dashboard. An attacke...

Metasploit2-pentest

Metasploitable2 Penetration Test Lab Author: Lillian Jone...

Exploit for CVE-2019-5513

VMware Horizon /broker/xml Vulnerability Scanner !Security...

PT-2026-47451

CVE-2026-36229 - VMware Aria Operations For Logs Directory Traversal CVE ID :CVE-2026-36229 Published : June 6, 2026, 9:16 p.m. | 2 hours, 14 minutes ago Description :Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: This candidate was withdrawn by its CNA. Further...

CVE-2026-41702

VMware Fusion contains a TOCTOU Time-of-check Time-of-use vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is install...

CVE-2026-20879

Out-of-bounds write for the IntelR Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable data corruption. This result...

CVE-2026-20751

Out-of-bounds read for the IntelR Data Center Graphics Driver for VMware ESXi software before version 2.0.2 within Ring 1: Device Drivers may allow a denial of service. System software adversary with a privileged user combined with a low complexity attack may enable data exposure. This result may...

Photon OS 4.0: Linux PHSA-2026-4.0-1028

An update of the linux package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2026-4.0-1028. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

VMware NSX SD-WAN Edge - Command Injection

VMware NSX SD-WAN Edge formerly VeloCloud Edge before 3.1.2 contains an unauthenticated command injection in the local web UI diagnostic tools Ping/Traceroute. This template detects it reliably by injecting 'id', 'whoami', and a random marker. id: CVE-2018-6961 info: name: VMware NSX SD-WAN Edge ...

Spring Cloud Config Server - Local File Inclusion

Spring Cloud Config Server versions 2.2.x prior to 2.2.3, versions 2.1.x prior to 2.1.9, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. A malicious user or attacker can send a request using a specially crafte...

SUSE SLES15 Security Update : kernel (Live Patch 27 for SUSE Linux Enterprise 15 SP5) (SUSE-SU-2026:2149-1)

The remote SUSE Linux SLES15 host has a package installed that is affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2149-1 advisory. This update for the SUSE Linux Enterprise Kernel 5.14.21-150500.55.110 fixes various security issues The following security issues were fixed: ...