VMware

Telco Cloud Platform

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.2

CVE-2026-22721

  • EPSS 0.03%
  • Veröffentlicht 25.02.2026 20:00:15
  • Zuletzt bearbeitet 04.03.2026 15:54:26

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2...

9

CVE-2026-22720

  • EPSS 0.08%
  • Veröffentlicht 25.02.2026 19:33:14
  • Zuletzt bearbeitet 04.03.2026 15:55:32

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations.  To remediate CVE-20...

8.1

CVE-2026-22719

Warnung Medienbericht
  • EPSS 1.98%
  • Veröffentlicht 25.02.2026 19:18:59
  • Zuletzt bearbeitet 04.03.2026 15:08:13

VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product...

8.5

CVE-2025-41250

Medienbericht
  • EPSS 0.08%
  • Veröffentlicht 29.09.2025 18:15:31
  • Zuletzt bearbeitet 29.09.2025 19:34:10

VMware vCenter contains an SMTP header injection vulnerability. A malicious actor with non-administrative privileges on vCenter who has permission to create scheduled tasks may be able to manipulate the notification emails sent for scheduled tasks.

4.9

CVE-2025-41245

  • EPSS 0.05%
  • Veröffentlicht 29.09.2025 17:15:31
  • Zuletzt bearbeitet 29.09.2025 19:34:10

VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with non-administrative privileges in Aria Operations may exploit this vulnerability to disclose credentials of other users of Aria Operations.

7.8

CVE-2025-41244

Warnung Medienbericht Exploit
  • EPSS 0.37%
  • Veröffentlicht 29.09.2025 17:15:30
  • Zuletzt bearbeitet 06.11.2025 13:58:13

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled ...

4.4

CVE-2025-41241

  • EPSS 0.05%
  • Veröffentlicht 29.07.2025 12:25:55
  • Zuletzt bearbeitet 29.07.2025 14:14:29

VMware vCenter contains a denial-of-service vulnerability. A malicious actor who is authenticated through vCenter and has permission to perform API calls for guest OS customisation may trigger this vulnerability to create a denial-of-service conditio...

7.1

CVE-2025-41239

  • EPSS 0.04%
  • Veröffentlicht 15.07.2025 18:35:03
  • Zuletzt bearbeitet 15.07.2025 20:07:28

VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A malicious actor with local administrative privileges on a virtual machine may be able to ex...

9.3

CVE-2025-41238

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 15.07.2025 18:34:48
  • Zuletzt bearbeitet 15.07.2025 20:07:28

VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit t...

9.3

CVE-2025-41237

Medienbericht
  • EPSS 0.03%
  • Veröffentlicht 15.07.2025 18:34:21
  • Zuletzt bearbeitet 15.07.2025 20:07:28

VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this iss...