1050 matches found
EUVD-2022-28094
Malicious code in bioql PyPI...
EUVD-2024-19838
Malicious code in bioql PyPI...
EUVD-2021-9182
Malicious code in bioql PyPI...
EUVD-2021-9179
Malicious code in bioql PyPI...
VMware vCenter Server 7.0.x < 7.0 U3w / 8.0.x < 8.0 U3g SMTP Header Injection (VMSA-2025-0016)
The version of VMware vCenter Server installed on the remote host is 7.0.x prior to 7.0 U3w, or 8.0.x prior to 8.0 U3g. It is, therefore, affected by a vulnerability as referenced in the VMSA-2025-0016 advisory: - VMware vCenter contains an SMTP header injection vulnerability. A malicious actor...
VMSA-2025-0016: VMware vCenter and NSX updates address multiple vulnerabilities (CVE-2025-41250, CVE-2025-41251, CVE-2025-41252)
Advisory ID: | VMSA-2025-0016 ---|--- Advisory Severity: | Important CVSSv3 Range: | 7.5-8.5 Synopsis: | VMware vCenter and NSX updates address multiple vulnerabilities CVE-2025-41250, CVE-2025-41251, CVE-2025-41252 Issue date: | 2025-09-29 Updated on: | 2025-09-29 Initial Advisory CVEs |...
Exploit for Improper Input Validation in Vmware Vcenter_Server
No description provided...
VMware vCenter Server 8.0 < 8.0 U3e Server Reflected XSS (CVE-2025-41228) (VMSA-2025-0010)
The version of VMware vCenter Server installed on the remote host is 8.0.x prior to 8.0 U3e. It is, therefore, affected by a vulnerability as referenced in the VMSA-2025-0010 advisory. - VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input...
VMware vCenter Server 7.0.x < 7.0 U3v / 8.0.x < 8.0 U3e Authenticated Command Execution (CVE-2025-41225) (VMSA-2025-0010)
The version of VMware vCenter Server installed on the remote host is 7.0.x prior to 7.0 U3v, 8.0.x prior to 8.0 U3e. It is, therefore, affected by a vulnerability as referenced in the VMSA-2025-0010 advisory. - The vCenter Server contains an authenticated command-execution vulnerability...
CVE-2024-22275
The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data...
CVE-2022-31680
The vCenter Server contains an unsafe deserialisation vulnerability in the PSC Platform services controller. A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server...
CVE-2022-31697
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation Install/Upgrade/Migrate/Restore can access plaintext passwords used during that...
CVE-2022-22982
The vCenter Server contains a server-side request forgery SSRF vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service...
CVE-2022-22948
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information...
CVE-2021-21986
The vSphere Client HTML5 contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network access to port 443 on vCenter Server may perform...
CVE-2021-21972
The vSphere Client HTML5 contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects...
CVE-2021-22015
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance...
CVE-2021-22006
The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints...
CVE-2021-22016
The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. An attacker may exploit this issue to execute malicious scripts by tricking a victim into clicking a malicious link...
CVE-2021-22011
vCenter Server contains an unauthenticated API endpoint vulnerability in vCenter Server Content Library. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to perform unauthenticated VM network setting manipulation...