CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

508 matches found

IBM Security Bulletins•added 2026/01/30 4:54 p.m.•6 views

Security Bulletin: Due to use of VMware vCenter, IBM Cloud Pak System is affected by header injection and denial-of-service vulnerabilities [CVE-2025-41250,CVE-2025-41241]

Summary Due to use of VMware vCenter, IBM Cloud Pak System is affected by header injection and denial-of-service vulnerabilities CVE-2025-41250,CVE-2025-41241. IBM Cloud Pak System has addressed these vulnerabilities. IBM Cloud Pak System includes the patched vCenter Server 8.0 U3g release as par...

8.5CVSS5.9AI score0.00638EPSS

Exploits0Affected Software3

GithubExploit•added 2026/01/27 12:0 p.m.•240 views

Exploit for Path Traversal in Vmware Cloud_Foundation

CTT-enhanced-VMware-vCenter Looking at current high-impact vul...

10CVSS6AI score0.99999EPSS

Exploits523

CISA•added 2026/01/23 12:0 p.m.•7 views

CISA Adds One Known Exploited Vulnerability to Catalog

CISA has added one new vulnerability to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2024-37079link is external Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability This type of vulnerability is a frequent attack vector for malicious...

9.8CVSS5.5AI score0.22377EPSS

In wildExploits0References6

CISA KEV Catalog•added 2026/01/23 12:0 a.m.•20 views

Broadcom VMware vCenter Server Out-of-bounds Write Vulnerability

Broadcom VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. This could allow a malicious actor with network access to vCenter Server to send specially crafted network packets, potentially leading to remote code execution...

9.8CVSS6.1AI score0.22377EPSS

In wildExploits0

RedhatCVE•added 2026/01/09 10:49 a.m.•6 views

CVE-2022-37935

HPE OneView for VMware vCenter, in certain circumstances, may disclose the “HPE OneView” Username and Password...

5.5CVSS6.9AI score0.00203EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:9 a.m.•6 views

CVE-2019-11992

A security vulnerability in HPE OneView for VMware vCenter 9.5 could be exploited remotely to allow Cross-Site Scripting...

6.1CVSS7AI score0.01037EPSS

Exploits0References1

Positive Technologies•added 2026/01/01 12:0 a.m.•6 views

PT-2026-1167

CVE-2025-22201 - VMware vCenter Server Remote Code Execution CVE ID : CVE-2025-22201 Published : Jan. 1, 2026, 1:15 a.m. | 3 hours, 5 minutes ago Description : Rejected reason: To maintain compliance with CNA rules, we have rejected this CVE record because it has not been used. Severity: 0.0 | NA...

7.3AI score

Exploits0References1

CISA•added 2025/12/04 12:0 p.m.•16 views

PRC State-Sponsored Actors Use BRICKSTORM Malware Across Public Sector and Information Technology Systems

The Cybersecurity and Infrastructure Security Agency CISA is aware of ongoing intrusions by People’s Republic of China PRC state-sponsored cyber actors using BRICKSTORM malware for long-term persistence on victim systems. BRICKSTORM is a sophisticated backdoor for VMware vSphere1,2 and Windows...

6.6AI score

Exploits0References10