22 matches found
CVE-2021-22019
The vCenter Server contains a denial-of-service vulnerability in VAPI vCenter API service. A malicious actor with network access to port 5480 on vCenter Server may exploit this issue by sending a specially crafted jsonrpc message to create a denial of service condition...
CVE-2021-22014
The vCenter Server contains an authenticated code execution vulnerability in VAMI Virtual Appliance Management Infrastructure. An authenticated VAMI user with network access to port 5480 on vCenter Server may exploit this issue to execute code on the underlying operating system that hosts vCenter...
EUVD-2021-13760
Malware in sbrugna...
EUVD-2022-53106
Malicious code in bioql PyPI...
EUVD-2022-28094
Malicious code in bioql PyPI...
EUVD-2021-9187
Malicious code in bioql PyPI...
EUVD-2023-38170
Malicious code in bioql PyPI...
EUVD-2023-25063
Malicious code in bioql PyPI...
CVE-2022-31680
The vCenter Server contains an unsafe deserialisation vulnerability in the PSC Platform services controller. A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server...
CVE-2022-22982
The vCenter Server contains a server-side request forgery SSRF vulnerability. A malicious actor with network access to 443 on the vCenter Server may exploit this issue by accessing a URL request outside of vCenter Server or accessing an internal service...
CVE-2021-22006
The vCenter Server contains a reverse proxy bypass vulnerability due to the way the endpoints handle the URI. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to access restricted endpoints...
CVE-2021-21991
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client HTML5 or vCenter Serve...
CVE-2025-41228
VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious website...
CVE-2025-41228 VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability
VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to steal cookies or redirect to malicious website...
VMware vCenter Server 安全漏洞
VMware vCenter Server is a suite of server and virtualization management software from VMware. The software provides a centralized platform for managing VMware vSphere environments, automating the implementation and delivery of virtual infrastructures. A security vulnerability exists in VMware...
VMware vCenter Server 8.0.2 Privilege Escalation
VMware vCenter Server version 8.0.2 proof of concept privilege escalation exploit that leverages a vulnerability from 2024. ============================================================================================================================================= | Title : VMware vCenter Server...
EUVD-2024-36413
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution...
EUVD-2024-36412
vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leading to remote code execution...
CVE-2023-20895
The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication...
The vulnerability of the management tool for virtual infrastructure, VMware vCenter Server, is related to incorrect definition of URI endpoints, allowing attackers to gain unauthorized access to protected information.
The vulnerability of the VMware vCenter Server virtual infrastructure management tool is related to incorrect definition of URI endpoints. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected information by sending a specially crafted...