CVE-2025-22249
- EPSS 0.19%
- Veröffentlicht 13.05.2025 05:08:03
- Zuletzt bearbeitet 11.07.2025 14:27:30
VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a mali...
CVE-2021-21994
- EPSS 0.38%
- Veröffentlicht 13.07.2021 19:15:09
- Zuletzt bearbeitet 31.10.2025 11:44:38
SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request.
CVE-2021-21995
- EPSS 0.47%
- Veröffentlicht 13.07.2021 19:15:09
- Zuletzt bearbeitet 31.10.2025 11:44:38
OpenSLP as used in ESXi has a denial-of-service vulnerability due a heap out-of-bounds read issue. A malicious actor with network access to port 427 on ESXi may be able to trigger a heap out-of-bounds read in OpenSLP service resulting in a denial-of-...