Lucene search
K

559 matches found

Nuclei
Nuclei
added yesterday23 views

VMware Workspace ONE Access - Authentication Bypass

VMware Workspace ONE Access has two authentication bypass vulnerabilities CVE-2022-22955 & CVE-2022-22956 in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framework. id: CVE-2022-22956...

9.8CVSS7.2AI score0.50694EPSS
Exploits5References4
NVD
NVD
added 6 days ago13 views

CVE-2026-22927

Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability...

7.8CVSS0.0017EPSS
Exploits0References2
EUVD
EUVD
added 6 days ago6 views

EUVD-2026-42242

Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability...

7.8CVSS5.9AI score0.0017EPSS
Exploits0References2
Cvelist
Cvelist
added 6 days ago31 views

CVE-2026-22927

Omnissa Workspace ONE® Tunnel for Windows addresses a Local Privilege Escalation Vulnerability...

7.8CVSS0.0017EPSS
Exploits0References2
CVE
CVE
added 6 days ago18 views

CVE-2026-22927

Technical details about CVE-2026-22927 are not publicly available in the provided documents. Monitor for updates from Omnissa and CVE databases.

7.8CVSS5.9AI score0.0017EPSS
Exploits0References2Affected Software1
Positive Technologies
Positive Technologies
added 6 days ago8 views

PT-2026-56419

Name of the Vulnerable Software and Affected Versions Omnissa Workspace ONE® Tunnel for Windows affected versions not specified Description A local privilege escalation issue exists that allows a malicious actor with local access to a device to elevate their privileges. Recommendations At the...

7.8CVSS5.9AI score0.0017EPSS
Exploits0References6
RedhatCVE
RedhatCVE
added 2026/06/10 9:0 p.m.10 views

CVE-2026-22926

Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...

7.8CVSS5.4AI score0.00132EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/09 6:30 p.m.10 views

EUVD-2026-35705

Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...

7.8CVSS5.4AI score0.00132EPSS
Exploits0References3
NVD
NVD
added 2026/06/09 5:17 p.m.12 views

CVE-2026-22926

Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...

7.8CVSS0.00132EPSS
Exploits0References2
CVE
CVE
added 2026/06/09 4:34 p.m.32 views

CVE-2026-22926

Technical details about CVE-2026-22926 are not publicly available in the provided documents. No affected versions, root cause, or remediation are specified. Monitor for updates from Omnissa and CVE listings.

7.8CVSS5.4AI score0.00132EPSS
Exploits0References2
Cvelist
Cvelist
added 2026/06/09 4:34 p.m.31 views

CVE-2026-22926

Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...

7.8CVSS0.00132EPSS
Exploits0References2
Vulnrichment
Vulnrichment
added 2026/06/09 4:34 p.m.42 views

CVE-2026-22926

Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...

7.8CVSS5.4AI score0.00132EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/06/09 12:0 a.m.15 views

PT-2026-47861

Omnissa Workspace ONE® Assist for macOS contains a Local Privilege Escalation Vulnerability...

7.8CVSS5.4AI score0.00132EPSS
Exploits0References3
The Hacker News
The Hacker News
added 2026/03/10 6:17 a.m.11 views

CISA Flags SolarWinds, Ivanti, and Workspace One Vulnerabilities as Actively Exploited

The U.S. Cybersecurity and Infrastructure Security Agency CISA on Monday added three security flaws to its Known Exploited Vulnerabilities KEV catalog, based on evidence of active exploitation. The vulnerability list is as follows - CVE-2021-22054 CVSS score: 7.5 - A server-side request forgery...

9.8CVSS7.4AI score0.97713EPSS
Exploits2
CISA
CISA
added 2026/03/09 12:0 p.m.30 views

CISA Adds Three Known Exploited Vulnerabilities to Catalog

CISA has added three new vulnerabilities to its Known Exploited Vulnerabilities KEV Catalog, based on evidence of active exploitation. CVE-2021-22054link is external Omnissa Workspace ONE Server-Side Request Forgery CVE-2025-26399link is external SolarWinds Web Help Desk Deserialization of...

9.8CVSS5.8AI score0.97713EPSS
In wildExploits2References8
CISA KEV Catalog
CISA KEV Catalog
added 2026/03/09 12:0 a.m.8 views

Omnissa Workspace ONE Server-Side Request Forgery

Omnissa Workspace One UEM formerly known as VMware Workspace One UEM contains a server-side request forgery SSRF vulnerability that could allow a malicious actor with network access to UEM to send their requests without authentication and to gain access to sensitive information...

7.5CVSS5.8AI score0.97713EPSS
In wildExploits1
RedhatCVE
RedhatCVE
added 2026/01/09 11:22 a.m.6 views

CVE-2021-22002

VMware Workspace ONE Access and Identity Manager, allow the /cfg web app and diagnostic endpoints, on port 8443, to be accessed via port 443 using a custom host header. A malicious actor with network access to port 443 could tamper with host headers to facilitate access to the /cfg web app, in...

9.8CVSS6.9AI score0.01207EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:21 a.m.21 views

CVE-2021-22057

VMware Workspace ONE Access 21.08, 20.10.0.1, and 20.10 contain an authentication bypass vulnerability. A malicious actor, who has successfully provided first-factor authentication, may be able to obtain second-factor authentication provided by VMware Verify...

8.8CVSS7.1AI score0.0113EPSS
Exploits0References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.7 views

CVE-2021-22054

VMware Workspace ONE UEM console 20.0.8 prior to 20.0.8.37, 20.11.0 prior to 20.11.0.40, 21.2.0 prior to 21.2.0.27, and 21.5.0 prior to 21.5.0.37 contain an SSRF vulnerability. This issue may allow a malicious actor with network access to UEM to send their requests without authentication and to...

7.5CVSS7.1AI score0.97713EPSS
Exploits1References1
RedhatCVE
RedhatCVE
added 2026/01/09 11:19 a.m.7 views

CVE-2021-22003

VMware Workspace ONE Access and Identity Manager, unintentionally provide a login interface on port 7443. A malicious actor with network access to port 7443 may attempt user enumeration or brute force the login endpoint, which may or may not be practical based on lockout policy configuration and...

7.5CVSS6.8AI score0.00994EPSS
Exploits0References1
Rows per page
Query Builder