PT-2026-26150

🚨 FRESH TOP THREAT ALERT 🚨 March 18, 2026: VMware vCenter Server CVSS 9.8! CVE-2026-54321 – Critical Unauthenticated Remote Code Execution in Flaw in the SOAP API lets attackers send one crafted packet to trigger arbitrary code execution and take over the entire virtualization management server —...

CISA Adds Actively Exploited VMware vCenter Flaw CVE-2024-37079 to KEV Catalog

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Friday added a critical security flaw affecting Broadcom VMware vCenter Server that was patched in June 2024 to its Known Exploited Vulnerabilities KEV catalog, citing evidence of active exploitation in the wild. The vulnerability ...

EUVD-2015-4083

Malware in sbrugna...

VMware vCenter 安全漏洞

VMware vCenter is a virtualization management software from VMware. An SMTP header injection vulnerability exists in VMware vCenter, which can be exploited by an attacker to manipulate notification emails for scheduled tasks...

VMSA-2025-0014: VMware vCenter updates address a denial-of-service vulnerability (CVE-2025-41241)

Advisory ID: | VMSA-2025-0014.1 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 4.4 Synopsis: | VMware vCenter updates address a denial-of-service vulnerability CVE-2025-41241 Issue date: | 2025-07-29 Updated on: | 2025-07-30 CVEs | CVE-2025-41241 1. Impacted Products VMware Cloud Foundatio...

Warning: VMware vCenter and Kemp LoadMaster Flaws Under Active Exploitation

Now-patched security flaws impacting Progress Kemp LoadMaster and VMware vCenter Server have come under active exploitation in the wild, it has emerged. The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added CVE-2024-1212 CVSS score: 10.0, a maximum-severity security...

VulnCheck KEV: CVE-2024-38813

VMware vCenter contains an improper check for dropped privileges vulnerability. This vulnerability could allow an attacker with network access to the vCenter Server to escalate privileges to root by sending a specially crafted packet...

Hewlett Packard Enterprise OneView 安全漏洞

Hewlett Packard Enterprise OneView is a software from Hewlett Packard Enterprise USA that facilitates automated device management for IT departments. A security vulnerability exists in Hewlett Packard Enterprise OneView for VMware vCenter that stems from the potential disclosure of usernames and...

CVE-2021-21993

The vCenter Server contains an SSRF Server Side Request Forgery vulnerability due to improper validation of URLs in vCenter Server Content Library. An authorised user with access to content library may exploit this issue by sending a POST request to vCenter Server leading to information disclosur...

Vulnerability fixed in VMware vCenter and ESXi

Vmware has fixed a vulnerability in vCenter and ESXi. The vulnerability allows a remote malicious party to cause a partial denial-of-service DoS exploit. Vmware has released updates to fix the vulnerability in Vcenter and ESXi. For more information, see:...