135 matches found
CVE-2021-22009
CVE-2021-22009 affects VMware vCenter Server via VAPI, enabling a remote attacker to trigger a DoS through excessive memory consumption in the VAPI service when accessing port 443. Public sources (NVD/Red Hat CNVD) describe multiple memory‑exhaustion DoS vulnerabilities in VAPI/VAPI endpoints. Th...
CVE-2022-31698
The CVE-2022-31698 entry concerns VMware vCenter Server (and related ESXi components) with a denial-of-service in the content library service. According to the provided documents, a remote attacker who can access port 443 over the network can trigger a DoS by sending a specially crafted header, l...
CVE-2021-21991
VMware vCenter Server has a local privilege-escalation vulnerability (CVE-2021-21991) caused by improper handling of session tokens. A non-administrative user with local access can escalate to Administrator on the vSphere Client (HTML5) or vCenter Web Client (FLEX/Flash). Public reports consisten...
CVE-2024-22253
CVE-2024-22253 is a use-after-free in the UHCI USB controller affecting VMware ESXi, Workstation, and Fusion. A malicious actor with local VM admin privileges can exploit it to execute code as the VMX process on the host; on ESXi this is contained within the VMX sandbox, while Workstation/Fusion ...
CVE-2025-41244
CVE-2025-41244 covers a local privilege-escalation in Open VM Tools used with VMware Aria Operations; a non-administrative local user with access to a VM that has VMware Tools (SDMP enabled) can escalate to root within the same VM. Affected component: open-vm-tools bundled with VMware Tools; root...
CVE-2021-22006
VMware vCenter Server CVE-2021-22006 is a reverse proxy/bypass vulnerability arising from how the URI is handled, allowing an unauthenticated attacker with network access to port 443 to access restricted endpoints. Publicly documented details in multiple sources (NVD, CNVD, CVE lists, IBM/NCSC ad...
CVE-2025-22218
CVE-2025-22218 (information disclosure) and CVE-2025-22219/22220/22221/22222 (XSS, broken access, and credentials leaks) affect VMware Aria Operations for Logs and related products. The Broadcom VMSA-2025-0003 advisory and VMware/ Broadcom release notes confirm multiple issues: CVE-2025-22218 all...
CVE-2021-22011
CVE-2021-22011 describes an unauthenticated API endpoint vulnerability in VMware vCenter Server Content Library that allows a remote attacker with network access to port 443 to perform unauthenticated VM network setting manipulation. The issue is triggered by an unauthenticated API surface in vCe...
CVE-2022-31678
Summary: CVE-2022-31678 is an XXE vulnerability in VMware Cloud Foundation’s NSX-V component used with VCF 3.x, allowing denial of service or unintended information disclosure. The root cause is an XML External Entity flaw in NSX-V parsing, enabling crafted XML to cause adverse effects. Impact: B...
CVE-2021-22042
CVE-2021-22042 affects VMware ESXi: an unauthorized-access flaw where VMX process privileges can access settingsd authorization tickets, allowing a local attacker with VMX privileges to reach the settingsd service running as a high-privileged user. Reported in multiple feeds (NVD, Red Hat, Nessus...
CVE-2021-22014
CVE-2021-22014 is an authenticated code-execution vulnerability in VMware vCenter Server’s VAMI (port 5480). An authenticated VAMI user with network access to 5480 can execute arbitrary code on the underlying OS hosting vCenter Server. The issue is publicly discussed across multiple sources (e.g....
CVE-2025-22249
CVE-2025-22249 is a DOM-based Cross‑Site Scripting (XSS) flaw in VMware Aria Automation. Affected product: VMware Aria Automation (8.18.x line). Root cause: DOM-based XSS that enables an attacker to steal the access token of a logged-in user by convincing the user to click a malicious crafted pay...
CVE-2023-34043
CVE-2023-34043 affects VMware Aria Operations (formerly vRealize Operations). A local privilege escalation exists where an actor with administrative access on the compromised host can escalate to root. Affected product versions (per advisories) include VMware Aria Operations 8.6.x (fixed in 8.6 H...
CVE-2021-22048
CVE-2021-22048 affects VMware vCenter Server via IWA (Integrated Windows Authentication), enabling privilege escalation from non-administrative access to higher privileges. Connected sources confirm the vulnerability in the IWA mechanism, with advisories noting VMware’s fix in VMSA-2021-0025.x an...
CVE-2022-22958
CVE-2022-22958 is part of a pair of remote code execution vulnerabilities affecting VMware Workspace ONE Access, Identity Manager and vRealize Automation. Public details in the connected docs confirm two RCE vulnerabilities (CVE-2022-22957 and CVE-2022-22958) that can be triggered by an attacker ...
CVE-2024-22235
CVE-2024-22235 affects VMware Aria Operations (formerly vRealize Operations) and VMware Aria Operations in VMware Cloud Foundation. The issue is a local privilege escalation: a malicious actor with administrative access to the local system can escalate to root. The CVSSv3 base score is 6.7 (Local...
CVE-2021-21992
CVE-2021-21992 describes a denial-of-service vulnerability in VMware vCenter Server caused by improper XML entity parsing. An attacker with non-administrative access to the vCenter HTML5/vSphere Web Client could trigger a DoS on the vCenter host. Affected product: VMware vCenter Server (and Cloud...
CVE-2020-3976
CVE-2020-3976 affects VMware ESXi and vCenter Server, describing a partial denial-of-service in their authentication services. The public details identify a moderate impact (CVSSv3 base score 5.3) with network access required and low attack complexity, but do not provide exploit specifics in the ...
CVE-2024-22273
CVE-2024-22273 affects VMware ESXi, Workstation, and Fusion storage controllers, with an out-of-bounds read/write flaw that may let a VM-adjacent attacker cause a denial of service or, in conjunction with other issues, execute code on the hypervisor. Exploitation is described as local (requires a...
CVE-2020-3963
CVE-2020-3963 affects VMware ESXi (7.0 pre-7.0.0-1.20.16321839; 6.7 pre-670-202006401-SG; 6.5 pre-650-202005401-SG), Workstation 15.x pre-15.5.2, and Fusion 11.x pre-11.5.2 with a use-after-free in PVNVRAM that could allow a local attacker with VM access to read privileged memory. VMware’s VMSA-2...
CVE-2021-22008
CVE-2021-22008 is an information-disclosure flaw in VMware vCenter Server’s VAPI service. With network access to port 443, an attacker can send a crafted json-rpc message to access sensitive data. Public references (NVD/Red Hat/CNVD) describe the vulnerability similarly and cite VMware’s VMSA-202...
CVE-2024-22280
CVE-2024-22280 affects VMware Aria Automation. The issue is an SQL injection due to improper input validation, enabling an authenticated attacker to perform unauthorized read/write operations in the database. Reported impact indicates network access with low privileges and no user interaction nee...
CVE-2026-41724
CVE-2026-41724 affects VMware Cloud Foundation Operations and is a stored cross-site scripting vulnerability. The NVD/NVD-derived data shows CVSSv3.1 base score 8.0 (Network, High impact on confidentiality, integrity, availability; Privileges Required: Low; User Interaction: Required). Exploitati...
CVE-2023-20884
CVE-2023-20884 affects VMware Workspace ONE Access and VMware Identity Manager. The issue is an insecure redirect caused by improper path handling that could allow an unauthenticated attacker to redirect victims to attacker-controlled domains, potentially disclosing sensitive information. VMware ...
CVE-2020-3964
CVE-2020-3964 is an information-leak vulnerability in the EHCI USB controller affecting VMware products. A local attacker with access to a guest VM can read privileged information from the hypervisor memory, under conditions described by VMware and Red Hat/CNVD disclosures. Affected are: ESXi 7.0...
CVE-2020-3965
CVE-2020-3965 affects VMware ESXi, Workstation, and Fusion, describing an information-leak in the XHCI USB controller that could let a local VM attacker read privileged information from hypervisor memory. Affected: ESXi 7.0 (pre-1.20.16321839), 6.7 (pre-670-202006401-SG), 6.5 (pre-650-202005401-S...
CVE-2020-3994
CVE-2020-3994 affects VMware vCenter Server (versions 6.7 before 6.7u3, 6.6 before 6.5u3k). It is a session hijack vulnerability in the vCenter Server Appliance Management Interface (VAMI) update function caused by a lack of certificate validation. An attacker with network position between vCente...
CVE-2021-22016
CVE-2021-22016 affects VMware vCenter Server and involves a reflected cross-site scripting (XSS) vulnerability caused by insufficient input sanitization. An attacker could lure a user to click a crafted link and have malicious scripts run in the victim’s browser. Public details in connected sourc...
CVE-2023-20865
The CVE-2023-20865 entry concerns VMware Aria Operations for Logs. Affected product: VMware Aria Operations for Logs (log management app, formerly vRealize Log Insight). Vulnerability: command injection in which a malicious actor with administrative privileges can execute arbitrary commands as ro...
CVE-2023-20877
CVE-2023-20877 affects VMware Aria Operations. An authenticated user with ReadOnly privileges can lead to code execution and privilege escalation. Affected product: VMware Aria Operations (vRealize). CVSSv3.1: 8.8 (HIGH) with Network attack, low complexity, privileges required: LOW. Root cause an...
CVE-2020-3982
CVE-2020-3982 is a TOCTOU/L1 out-of-bounds write vulnerability in VMware ESXi (7.0 prior to 7.0.1-0.0.16850804; 6.7 prior to 670-202008101-SG; 6.5 prior to 650-202007101-SG) and related Workstation 15.x and Fusion 11.x (before 11.5.6). It arises from an ACPI device TOCTOU/TOC2U flaw that may let ...
CVE-2021-21995
CVE-2021-21995 affects VMware ESXi OpenSLP, enabling a remote attacker to trigger a heap out-of-bounds read over port 427 and cause a denial-of-service. OpenSLP DOS is documented across multiple sources (NVD, Red Hat, VMware). Mitigation is via VMware security advisory VMSA-2021-0014 and related ...
CVE-2021-22010
CVE-2021-22010 affects VMware vCenter Server: DoS caused by VPXD memory exhaustion when an attacker with network access to port 443 exploits a vulnerability in VPXD. Affected product scope includes vCenter Server deployments that expose VPXD on 443, leading to degraded service or denial of servic...
CVE-2021-22002
CVE-2021-22002 affects VMware Workspace ONE Access and Identity Manager. The flaw allows tampering with host headers to access the /cfg web app and diagnostic endpoints over port 443, bypassing authentication for those resources. The root cause is improper validation of host headers that enables ...
CVE-2020-3962
VMware CVE-2020-3962 affects multiple products: ESXi (7.0 prior to 7.0.0-1.20.16321839; 6.7 prior to 202004101-SG; 6.5 prior to 202005401-SG), Workstation (15.x prior to 15.5.5), and Fusion (11.x prior to 11.5.5). The root cause is a use-after-free in the SVGA device. A local attacker who has acc...
CVE-2021-22019
CVE-2021-22019 is a denial-of-service vulnerability in VMware vCenter Server’s VAPI service. A remote attacker can send a crafted jsonrpc message to port 5480 to trigger DoS, impacting availability. Red Hat and NVD describe the same DoS condition; the issue is listed under VMSA-2021-0020 with hig...
CVE-2020-3971
VMware CVE-2020-3971 describes a heap-overflow vulnerability in the vmxnet3 virtual network adapter affecting VMware ESXi (6.7/6.5 lines; 7.0 later), Workstation, and Fusion. An attacker with local access to a VM that has a vmxnet3 adapter present may read privileged information from physical/hyp...
CVE-2026-22719
CVE-2026-22719 describes a command injection vulnerability in VMware Aria Operations that could allow an unauthenticated attacker to execute arbitrary commands and potentially achieve remote code execution during support‑assisted product migration. Affected product is VMware Aria Operations (8.x ...
CVE-2021-22003
CVE-2021-22003 affects VMware Workspace One Access and Identity Manager. The issue is an unintentionally exposed login interface on port 7443. An attacker with network access could perform user enumeration or brute force the login endpoint, with practicality hinging on the target’s lockout policy...
CVE-2021-22007
CVE-2021-22007 affects VMware vCenter Server in the Analytics service. An authenticated user with non-administrative privileges can disclose sensitive information via a local information disclosure vulnerability in Analytics. The issue is classified with CVSSv3.1 base score 5.5 (vector: CVSS:3.1/...
CVE-2021-22020
CVE-2021-22020 is a denial-of-service vulnerability in the Analytics service of VMware vCenter Server. Exploitation relies on input handling in Analytics, leading to DoS. VMware's VMSA-2021-0020 provides updates/patches; CVSSv3.1 shows MEDIUM (5.5) with LOCAL/low complexity. No exploit details ar...
CVE-2020-3969
CVE-2020-3969 is an off-by-one heap-overflow in the SVGA device affecting VMware ESXi (7.0 prior to 7.0.0-1.20.16321839; 6.7 prior to 202004101-SG; 6.5 prior to 202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5). A local attacker with access to a VM that has 3D graph...
CVE-2024-22275
CVE-2024-22275 affects VMware vCenter Server and is a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell can exploit it to read arbitrary sensitive data from files, with Confidentiality impact rated High and other impacts not affected....
CVE-2022-22939
CVE-2022-22939 affects VMware Cloud Foundation (SDDC Manager). The root cause is information disclosure from credentials being logged in plaintext across multiple log files, enabling a malicious actor with root access to view credentials. Affected releases include VMware Cloud Foundation 3.x and ...
CVE-2020-3995
CVE-2020-3995: VMware VMCI host driver memory leak in ESXi/Workstation/Fusion (affected versions listed in VMware advisories) can permit a VM-guest attacker with access to trigger memory leakage, potentially exhausting hypervisor memory during sustained attacks. Concrete details across sources sh...
CVE-2025-22222
CVE-2025-22222 affects VMware Aria Operations and Aria Operations for Logs. A information-disclosure flaw allows a non-administrative user who knows a valid service credential ID to retrieve credentials for an outbound plugin. The issue is contextualized with related CVEs (CVE-2025-22218/22219/22...
CVE-2022-31700
CVE-2022-31700 affects VMware Workspace ONE Access and Identity Manager. The vulnerability is an authenticated remote code execution flaw (RCE) in the product, with a CVSSv3 base score of 7.2 (Important). Public documents describe the issue as an authenticated RCE, potentially allowing code execu...
CVE-2020-3967
VMware CVE-2020-3967 is a heap-overflow vulnerability in the EHCI USB 2.0 controller across ESXi (7.0 before 7.0.0-1.20.16321839, 6.7 before 202004101-SG, 6.5 before 202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5). A local attacker with VM access can exploit it to...
CVE-2024-37086
CVE-2024-37086 affects VMware ESXi with an out-of-bounds read condition. The vulnerability can be triggered by a malicious actor with local administrative privileges on a VM that has an existing snapshot, potentially causing a denial-of-service on the host. Several connected sources corroborate a...
CVE-2020-3966
CVE-2020-3966 is a heap-overflow due to a race condition in the EHCI USB 2.0 controller affecting VMware ESXi (7.0 before 7.0.0-1.20.16321839; 6.7 before 202004101-SG; 6.5 before 202005401-SG), VMware Workstation (15.x before 15.5.2), and VMware Fusion (11.x before 11.5.2). A local attacker withi...