VMware

Cloud Foundation

138 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
Warnung Exploit
  • EPSS 100%
  • Veröffentlicht 26.05.2021 15:15:07
  • Zuletzt bearbeitet 30.10.2025 20:05:29

The vSphere Client (HTML5) contains a remote code execution vulnerability due to lack of input validation in the Virtual SAN Health Check plug-in which is enabled by default in vCenter Server. A malicious actor with network access to port 443 may exp...

  • EPSS 12.92%
  • Veröffentlicht 26.05.2021 15:15:07
  • Zuletzt bearbeitet 21.11.2024 05:49:22

The vSphere Client (HTML5) contains a vulnerability in a vSphere authentication mechanism for the Virtual SAN Health Check, Site Recovery, vSphere Lifecycle Manager, and VMware Cloud Director Availability plug-ins. A malicious actor with network acce...

Warnung Exploit
  • EPSS 78.29%
  • Veröffentlicht 31.03.2021 18:15:14
  • Zuletzt bearbeitet 30.10.2025 20:06:02

Server Side Request Forgery in vRealize Operations Manager API (CVE-2021-21975) prior to 8.4 may allow a malicious actor with network access to the vRealize Operations Manager API can perform a Server Side Request Forgery attack to steal administrati...

Exploit
  • EPSS 68.56%
  • Veröffentlicht 31.03.2021 18:15:14
  • Zuletzt bearbeitet 21.11.2024 05:49:22

Arbitrary file write vulnerability in vRealize Operations Manager API (CVE-2021-21983) prior to 8.4 may allow an authenticated malicious actor with network access to the vRealize Operations Manager API can write files to arbitrary locations on the un...

Exploit
  • EPSS 45.06%
  • Veröffentlicht 24.02.2021 17:15:16
  • Zuletzt bearbeitet 02.06.2026 21:16:24

OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427...

Warnung Exploit
  • EPSS 99.57%
  • Veröffentlicht 24.02.2021 17:15:15
  • Zuletzt bearbeitet 30.10.2025 20:06:27

The vSphere Client (HTML5) contains a remote code execution vulnerability in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue to execute commands with unrestricted privileges on the underlying operatin...

Warnung
  • EPSS 88.01%
  • Veröffentlicht 24.02.2021 17:15:15
  • Zuletzt bearbeitet 30.10.2025 20:06:18

The vSphere Client (HTML5) contains an SSRF (Server Side Request Forgery) vulnerability due to improper validation of URLs in a vCenter Server plugin. A malicious actor with network access to port 443 may exploit this issue by sending a POST request ...

Warnung
  • EPSS 23.77%
  • Veröffentlicht 23.11.2020 22:15:12
  • Zuletzt bearbeitet 30.10.2025 20:07:02

VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.

  • EPSS 0.39%
  • Veröffentlicht 20.11.2020 20:15:13
  • Zuletzt bearbeitet 31.10.2025 11:44:38

VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A maliciou...

  • EPSS 0.38%
  • Veröffentlicht 20.11.2020 20:15:13
  • Zuletzt bearbeitet 31.10.2025 11:44:38

VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileg...