21 matches found
CVE-2026-47870
CVE-2026-47870 affects VMware Avi Load Balancer. A malicious authenticated user with network access can potentially execute remote code due to a privilege-escalation flaw. Affected versions and fixes shown in public records: 32.1.1 (fixed in 32.1.2); 31.1.1–31.2.2 (fixed in 31.2.2-2p3); 30.1.1–30...
CVE-2026-47869
CVE-2026-47869 describes a remote code execution flaw in VMware Avi Load Balancer. An authenticated user with network access can inject and execute code. Affected versions and fixed releases: 32.1.1 (fixed in 32.1.2); 31.1.1–31.2.2 (fixed in 31.2.2-2p3); 30.1.1–30.2.6 (fixed in 30.2.7); 22.1.1–22...
CVE-2026-47868
CVE-2026-47868 concerns VMware Avi Load Balancer. A local privilege escalation allows a user with local access to run code as root. Affected versions are: 32.1.1 (fixed in 32.1.2); 31.1.1–31.2.2 (fixed in 31.2.2-2p3); 30.1.1–30.2.6 (fixed in 30.2.7); 22.1.1–22.1.7 (fixed in 30.2.7). CVSSv3.1 base...
CVE-2026-47866
CVE-2026-47866 affects VMware Avi Load Balancer and describes an authorization bypass that could let an attacker on the network access a limited subset of the Avi Control Plane without proper authorization. Affected versions and fixes: 32.1.1 (fixed in 32.1.2); 31.1.1–31.2.2 (fixed in 31.2.2-2p3)...
EUVD-2026-45361
VMware Avi Load Balancer contains an authorization bypass vulnerability. A malicious actor on the network can access a limited subset of the Avi Control Plane without proper authorization. Affected versions: 32.1.1 fixed in 32.1.2 31.1.1 through 31.2.2 fixed in 31.2.2-2p3 30.1.1 through 30.2.6...
PT-2026-60426
VMware Avi Load Balancer contains a remote code execution vulnerability. A malicious authenticated user with network access may be able to inject and execute code. Affected versions: 32.1.1 fixed in 32.1.2 31.1.1 through 31.2.2 fixed in 31.2.2-2p3 30.1.1 through 30.2.6 fixed in 30.2.7 22.1.1...
PT-2026-60428
VMware Avi Load Balancer contains a directory traversal vulnerability. Flaws in file path validation allow malicious, authenticated network users to perform directory traversal attacks. Affected versions: 32.1.1 fixed in 32.1.2 31.1.1 through 31.2.2 fixed in 31.2.2-2p3 30.1.1 through 30.2.6 fixed...
PT-2026-60427
VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious authenticated user with network access may be able to execute remote code. Affected versions: 32.1.1 fixed in 32.1.2 31.1.1 through 31.2.2 fixed in 31.2.2-2p3 30.1.1 through 30.2.6 fixed in 30.2.7 22.1.1 through...
EUVD-2024-19828
Malicious code in bioql PyPI...
EUVD-2024-19830
Malicious code in bioql PyPI...
CVE-2025-41233
Description: VMware AVI Load Balancer contains an authenticated blind SQL Injection vulnerability. VMware has evaluated the severity of the issue to be in the Moderate severity range https://www.broadcom.com/support/vmware-services/security-response with a maximum CVSSv3 base score of 6.8...
CVE-2025-41233
Description: VMware AVI Load Balancer contains an authenticated blind SQL Injection vulnerability. VMware has evaluated the severity of the issue to be in the Moderate severity range https://www.broadcom.com/support/vmware-services/security-response with a maximum CVSSv3 base score of 6.8...
CVE-2025-41233
CVE-2025-41233 affects VMware Avi Load Balancer. An authenticated attacker can trigger blind SQL injection in versions 30.1.1, 30.1.2, 30.2.1, and 30.2.2 due to improper input validation, enabling unauthorized DB access. Impact described as moderate (CVSSv3 base score up to 6.8). Remediation requ...
CVE-2025-41233
Description: VMware AVI Load Balancer contains an authenticated blind SQL Injection vulnerability. VMware has evaluated the severity of the issue to be in the Moderate severity range https://www.broadcom.com/support/vmware-services/security-response with a maximum CVSSv3 base score of 6.8...
CVE-2025-41233
Description: VMware AVI Load Balancer contains an authenticated blind SQL Injection vulnerability. VMware has evaluated the severity of the issue to be in the Moderate severity range https://www.broadcom.com/support/vmware-services/security-response with a maximum CVSSv3 base score of 6.8...
The vulnerability of software for managing traffic in hybrid and multi-cloud environments, such as VMware Avi Load Balancer, stems from insecure management of privileges. This allows attackers to escalate their privileges and gain access to create, modify, or delete files.
The vulnerability of the software for managing traffic in hybrid and multi-cloud environments in VMware Avi Load Balancer is related to insecure management of privileges. Exploiting this vulnerability can allow an attacker to increase their privileges and gain access to create, modify, or delete...
Broadcom Warns of High-Severity SQL Injection Flaw in VMware Avi Load Balancer
Broadcom has alerted of a high-severity security flaw in VMware Avi Load Balancer that could be weaponized by malicious actors to gain entrenched database access. The vulnerability, tracked as CVE-2025-22217 CVSS score: 8.6, has been described as an unauthenticated blind SQL injection. "A malicio...
CVE-2024-22264
CVE-2024-22264 affects VMware Avi Load Balancer. The available connected documents describe a privilege escalation where an administrator on the appliance can create, modify, execute, and delete files as root on the host system, indicating a local-privilege escalation vulnerability. The CVSS v3.1...
CVE-2024-22264 VMware Avi Load Balancer updates address multiple vulnerabilities
VMware Avi Load Balancer contains a privilege escalation vulnerability. A malicious actor with admin privileges on VMware Avi Load Balancer can create, modify, execute and delete files as a root user on the host system...
VMware Avi Load Balancer 安全漏洞
VMware Avi Load Balancer is a load balancing platform from VMware. A security vulnerability exists in VMware Avi Load Balancer that originates from a malicious actor with access to system logs being able to view cloud connection credentials in plaintext...