VMWare Cloud Foundation NSX-V - XML External Entity (XXE)

VMware Cloud Foundation NSX-V contains an XML External Entity XXE vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure. id: CVE-2022-31678 info: name: VMWare Cloud...

VMware Cloud Foundation SDDC Manager Information Disclosure (VMSA-2022-0003)

The remote host is running a version of VMware Cloud Foundation prior to 3.11 or prior to 4.3.1.1. It is, therefore, affected by an information disclosure vulnerability: - VMware Cloud Foundation contains an information disclosure vulnerability due to the logging of credentials in plain-text with...

EUVD-2022-53105

Malicious code in bioql PyPI...

EUVD-2025-15836

Malicious code in bioql PyPI...

EUVD-2025-31599

Malicious code in bioql PyPI...

EUVD-2025-15838

Malicious code in bioql PyPI...

EUVD-2022-28065

Malicious code in bioql PyPI...

VMware NSX Weak Password Recovery Mechanism Vulnerability

VMware NSX is a network virtualization solution within VMware Cloud Foundation that enables administrators to deploy legacy and modern applications in a private/hybrid cloud.VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware, Inc. The platform includes features such as...

VMware Cloud Foundation and VMware NSX Username Enumeration Vulnerability

VMware Cloud Foundation and VMware NSX are both products of VMware, Inc. VMware Cloud Foundation is an all-in-one hybrid cloud platform that includes capabilities for operations automation and infrastructure auto-configuration and integrated lifecycle management. VMware Cloud Foundation is an...

CVE-2025-41252 Username enumeration vulnerability

Description: VMware NSX contains a username enumeration vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially leading to unauthorized access attempts. Impact: Username enumeration → facilitates unauthorized access. Attack Vector: Remote,...

CVE-2025-41252

Summary of CVE-2025-41252 ( VMware NSX Username Enumeration ) : An unauthenticated, remote attacker can enumerate valid usernames in affected VMware NSX deployments, potentially enabling unauthorized access. Affected products include VMware NSX 9.x.x.x, 4.2.x, 4.1.x, 4.0.x ; NSX-T 3.x ; and VMwar...

CVE-2025-41251 Weak password recovery vulnerability

VMware NSX contains a weak password recovery mechanism vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially enabling brute-force attacks. Impact: Username enumeration → credential brute force risk. Attack Vector: Remote, unauthenticated...

VMware Cloud Foundation和VMware NSX 安全漏洞

VMware Cloud Foundation and VMware NSX are both products of VMware, Inc. VMware Cloud Foundation is an all-in-one hybrid cloud platform that includes capabilities for operations automation and infrastructure auto-configuration and integrated lifecycle management. VMware Cloud Foundation is an...

VMware Cloud Foundation和VMware NSX 安全漏洞

VMware NSX is a network virtualization solution within VMware Cloud Foundation that enables administrators to deploy legacy and modern applications in a private/hybrid cloud.VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware, Inc. The platform includes features such as...

VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)

Advisory ID: | VMSA-2025-0015.1 ---|--- Advisory Severity: | Important CVSSv3 Range: | 4.9 -7.8 Synopsis: | VMware Aria Operations and VMware Tools updates address multiple vulnerabilities CVE-2025-41244,CVE-2025-41245, CVE-2025-41246 Issue date: | 2025-09-29 Updated on: | 2025-10-30 CVEs |...

VMSA-2025-0016: VMware vCenter and NSX updates address multiple vulnerabilities (CVE-2025-41250, CVE-2025-41251, CVE-2025-41252)

Advisory ID: | VMSA-2025-0016 ---|--- Advisory Severity: | Important CVSSv3 Range: | 7.5-8.5 Synopsis: | VMware vCenter and NSX updates address multiple vulnerabilities CVE-2025-41250, CVE-2025-41251, CVE-2025-41252 Issue date: | 2025-09-29 Updated on: | 2025-09-29 Initial Advisory CVEs |...

Support for AWS Elastic VMware Service (EVS) with Veeam Backup & Replication

Support Statement Veeam Backup & Replication fully supports AWS Elastic VMware Service EVS, treating it as a standard vSphere environment. Built on VMware Cloud Foundation VCF 5.2.x, EVS provides customers with comprehensive administrative access to vCenter, NSX, and other essential VMware...

VMWare Cloud Foundation Multiple Vulnerabilities (VMSA-2025-0009)

The remote host is running a version of Cloud Foundation version 4.5.x or earlier than 4.5.2.0 with Hotpatch KB398008 or 5.x earlier than 5.2.1.2. It is, therefore, affected by multiple vulnerabilities: - A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit thi...

VMware Cloud Foundation Directory Traversal Vulnerability

VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware. The platform includes features such as operations automation, infrastructure auto-configuration and integrated lifecycle management. A directory traversal vulnerability exists in VMware Cloud Foundation, which stems from ...

VMware Cloud Foundation Information Disclosure Vulnerability

VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware. The platform includes features such as operations automation, infrastructure auto-configuration and integrated lifecycle management. An information disclosure vulnerability exists in VMware Cloud Foundation, which can be...