VMWare Cloud Foundation NSX-V - XML External Entity (XXE)

VMware Cloud Foundation NSX-V contains an XML External Entity XXE vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure. id: CVE-2022-31678 info: name: VMWare Cloud...

VMware Cloud Foundation SDDC Manager Information Disclosure (VMSA-2022-0003)

The remote host is running a version of VMware Cloud Foundation prior to 3.11 or prior to 4.3.1.1. It is, therefore, affected by an information disclosure vulnerability: - VMware Cloud Foundation contains an information disclosure vulnerability due to the logging of credentials in plain-text with...

EUVD-2022-53105

Malicious code in bioql PyPI...

EUVD-2025-15836

Malicious code in bioql PyPI...

EUVD-2025-31599

Malicious code in bioql PyPI...

EUVD-2025-15838

Malicious code in bioql PyPI...

EUVD-2022-28065

Malicious code in bioql PyPI...

VMware NSX Weak Password Recovery Mechanism Vulnerability

VMware NSX is a network virtualization solution within VMware Cloud Foundation that enables administrators to deploy legacy and modern applications in a private/hybrid cloud.VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware, Inc. The platform includes features such as...

VMware Cloud Foundation and VMware NSX Username Enumeration Vulnerability

VMware Cloud Foundation and VMware NSX are both products of VMware, Inc. VMware Cloud Foundation is an all-in-one hybrid cloud platform that includes capabilities for operations automation and infrastructure auto-configuration and integrated lifecycle management. VMware Cloud Foundation is an...

VMware Cloud Foundation和VMware NSX 安全漏洞

VMware NSX is a network virtualization solution within VMware Cloud Foundation that enables administrators to deploy legacy and modern applications in a private/hybrid cloud.VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware, Inc. The platform includes features such as...

Support for AWS Elastic VMware Service (EVS) with Veeam Backup & Replication

Support Statement Veeam Backup & Replication fully supports AWS Elastic VMware Service EVS, treating it as a standard vSphere environment. Built on VMware Cloud Foundation VCF 5.2.x, EVS provides customers with comprehensive administrative access to vCenter, NSX, and other essential VMware...

VMWare Cloud Foundation Multiple Vulnerabilities (VMSA-2025-0009)

The remote host is running a version of Cloud Foundation version 4.5.x or earlier than 4.5.2.0 with Hotpatch KB398008 or 5.x earlier than 5.2.1.2. It is, therefore, affected by multiple vulnerabilities: - A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit thi...

VMware Cloud Foundation Directory Traversal Vulnerability

VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware. The platform includes features such as operations automation, infrastructure auto-configuration and integrated lifecycle management. A directory traversal vulnerability exists in VMware Cloud Foundation, which stems from ...

VMware Cloud Foundation Information Disclosure Vulnerability

VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware. The platform includes features such as operations automation, infrastructure auto-configuration and integrated lifecycle management. An information disclosure vulnerability exists in VMware Cloud Foundation, which can be...

VMware Cloud Foundation License Issue Vulnerability

VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware. The platform includes features such as operations automation, infrastructure auto-configuration and integrated lifecycle management. VMware Cloud Foundation suffers from an authorization issue vulnerability that stems fro...

CVE-2022-31678

VMware Cloud Foundation NSX-V contains an XML External Entity XXE vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure...

CVE-2022-22939

VMware Cloud Foundation contains an information disclosure vulnerability due to logging of credentials in plain-text within multiple log files on the SDDC Manager. A malicious actor with root access on VMware Cloud Foundation SDDC Manager may be able to view credentials in plaintext within one or...

CVE-2021-21972

The vSphere Client HTML5 contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operating system that hosts vCenter Server. This affects...

CVE-2021-21973

The vSphere Client HTML5 contains an SSRF Server Side Request Forgery vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request to vCenter Server plugin leading to information...

CVE-2020-3999

VMware ESXi 7.0 prior to ESXi70U1c-17325551, VMware Workstation 16.x prior to 16.0 and 15.x prior to 15.5.7, VMware Fusion 12.x prior to 12.0 and 11.x prior to 11.5.7 and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicious...