VMWare Aria Operations 8.x < 8.18.6 Multiple Vulnerabilities (VMSA-2026-0001)

According to its self-reported version, the instance of VMWare Aria Operations formerly vRealize Operations running on the remote web server is 8.x 8.18.6. It is, therefore, affected by the following: - VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated...

CVE-2026-22721

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fix...

EUVD-2019-2940

Malware in sbrugna...

CVE-2025-41246 Improper authorisation vulnerability

VMware Tools for Windows contains an improper authorisation vulnerability due to the way it handles user access controls. A malicious actor with non-administrative privileges on a guest VM, who is already authenticated through vCenter or ESX may exploit this issue to access other guest VMs...

Sql injection

A man-in-the-middle vulnerability related to vCenter access was found in Cohesity DataPlatform version 5.x and 6.x prior to 6.1.1c. Cohesity clusters did not verify TLS certificates presented by vCenter. This vulnerability could expose Cohesity user credentials configured to access vCenter...

CVE-2018-5761

A man-in-the-middle vulnerability related to vCenter access was found in Rubrik CDM 3.x and 4.x before 4.0.4-p2. This vulnerability might expose Rubrik user credentials configured to access vCenter as Rubrik clusters did not verify TLS certificates presented by vCenter...

CVE-2018-5761

A man-in-the-middle vulnerability related to vCenter access was found in Rubrik CDM 3.x and 4.x before 4.0.4-p2. This vulnerability might expose Rubrik user credentials configured to access vCenter as Rubrik clusters did not verify TLS certificates presented by vCenter...