CVE-2026-41724

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

EUVD-2026-35030

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

PT-2026-47260

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

PT-2026-47261

VMware Cloud Foundation Operations contains multiple stored cross-site scripting vulnerabilities.A malicious actor with privileges to create policies, views or text-widgets may be able to inject scripts to perform administrative actions in VMware Cloud Foundation Operations...

CVE-2024-6833

A vulnerability in Zowe CLI allows local, privileged actors to store previously entered secure credentials in a plaintext file as part of an auto-init operation...

redis: Redis allows denial-of-service due to malformed ACL selectors

A flaw was found in the Redis server. An authenticated attacker with sufficient privileges can create a malformed ACL selector which, when accessed, triggers a server panic and subsequent denial of service...

CVE-2024-6833

CVE-2024-6833 affects Zowe CLI. A local, privileged attacker can exploit an auto-init operation to cause credentials entered by a user to be written to a plaintext file, exposing sensitive information. The vulnerability is described as a credentials exposure via insecure storage in the auto-init ...

CVE-2021-4326 Imperative Local Command Injection allows Activity Masking

A vulnerability in Imperative framework which allows already-privileged local actors to execute arbitrary shell commands via plugin install/update commands, or maliciously formed environment variables. Impacts Zowe CLI...

PT-2023-12422 · Zowe Cli +1 · Zowe Cli +1

Name of the Vulnerable Software and Affected Versions: Imperative framework affected versions not specified Zowe CLI affected versions not specified Description: A vulnerability in the Imperative framework allows already-privileged local actors to execute arbitrary shell commands via plugin...