VMware

Telco Cloud Platform

22 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
9.3

CVE-2025-41236

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 15.07.2025 18:34:12
  • Zuletzt bearbeitet 15.07.2025 20:07:28

VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this i...

5.9

CVE-2025-22245

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 04.06.2025 19:32:42
  • Zuletzt bearbeitet 14.07.2025 17:22:07

VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation.

6.9

CVE-2025-22244

Medienbericht
  • EPSS 0.04%
  • Veröffentlicht 04.06.2025 19:32:17
  • Zuletzt bearbeitet 14.07.2025 17:22:22

VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation.

7.5

CVE-2025-22243

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 04.06.2025 19:31:36
  • Zuletzt bearbeitet 14.07.2025 17:22:34

VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation.

4.3

CVE-2025-41228

Medienbericht
  • EPSS 6.01%
  • Veröffentlicht 20.05.2025 14:24:34
  • Zuletzt bearbeitet 21.05.2025 20:25:16

VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to...

5.5

CVE-2025-41227

Medienbericht
  • EPSS 0.09%
  • Veröffentlicht 20.05.2025 14:24:29
  • Zuletzt bearbeitet 21.05.2025 20:25:16

VMware ESXi, Workstation, and Fusion contain a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating system may be able to exploit this issue by exhausting memory o...

6.8

CVE-2025-41226

Medienbericht
  • EPSS 0.13%
  • Veröffentlicht 20.05.2025 14:24:24
  • Zuletzt bearbeitet 21.05.2025 20:25:16

VMware ESXi contains a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated through vCenter Server or ESXi may trigger this issue to cre...

8.8

CVE-2025-41225

Medienbericht
  • EPSS 0.12%
  • Veröffentlicht 20.05.2025 14:24:17
  • Zuletzt bearbeitet 21.05.2025 20:25:16

The vCenter Server contains an authenticated command-execution vulnerability. A malicious actor with privileges to create or modify alarms and run script action may exploit this issue to run arbitrary commands on the vCenter Server.

8.2

CVE-2025-22249

Medienbericht
  • EPSS 0.19%
  • Veröffentlicht 13.05.2025 05:08:03
  • Zuletzt bearbeitet 11.07.2025 14:27:30

VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a mali...

8.2

CVE-2025-22224

Warnung Medienbericht
  • EPSS 52.67%
  • Veröffentlicht 04.03.2025 12:15:33
  • Zuletzt bearbeitet 30.10.2025 19:52:49

VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the vi...