📦 Cloud Foundation
by VMware
🛡️ Security Overview
⚠️ Known Vulnerabilities
This CVE describes a TOCTOU vulnerability in VMware ESXi and Workstation that allows local administrative users within a virtual machine to execute arbitrary code on the host system via the VMX proces...
CVE-2024-38812 is a critical heap-overflow vulnerability in vCenter Server's DCERPC protocol implementation that allows remote code execution. Attackers with network access can exploit it by sending s...
CVE-2024-37079 is a critical heap overflow vulnerability in vCenter Server's DCERPC protocol implementation that allows remote code execution. Attackers with network access can exploit it by sending s...
CVE-2023-34063 is a missing access control vulnerability in VMware Aria Automation that allows authenticated malicious actors to access remote organizations and workflows without proper authorization....
CVE-2023-20864 is a critical deserialization vulnerability in VMware Aria Operations for Logs that allows unauthenticated attackers with network access to execute arbitrary code as root. This affects ...
This authentication bypass vulnerability allows attackers with network access to the UI to gain administrative privileges without credentials. It affects VMware Workspace ONE Access, Identity Manager,...
This vulnerability allows remote attackers to execute arbitrary code on VMware Workspace ONE Access and Identity Manager systems through server-side template injection. Attackers with network access c...
CVE-2021-22005 is a critical arbitrary file upload vulnerability in VMware vCenter Server's Analytics service. Attackers with network access to port 443 can upload malicious files to execute arbitrary...
This vulnerability allows attackers to bypass authentication and access sensitive configuration and diagnostic endpoints in VMware Workspace ONE Access and Identity Manager by manipulating host header...
CVE-2021-21994 is an authentication bypass vulnerability in SFCB (Small Footprint CIM Broker) used in VMware ESXi. An attacker with network access to port 5989 can send specially crafted requests to b...
CVE-2021-21985 is a critical remote code execution vulnerability in VMware vSphere Client's Virtual SAN Health Check plugin. Attackers with network access to port 443 can execute arbitrary commands wi...
CVE-2021-21972 is a critical remote code execution vulnerability in VMware vSphere Client's HTML5 interface. It allows unauthenticated attackers with network access to port 443 to upload arbitrary fil...
This vulnerability allows a malicious actor on the management network to exploit a use-after-free flaw in OpenSLP service on VMware ESXi, potentially leading to remote code execution. It affects VMwar...
CVE-2026-22719 is a command injection vulnerability in VMware Aria Operations that allows unauthenticated attackers to execute arbitrary commands during support-assisted product migration. This can le...
This CVE describes a local privilege escalation vulnerability in VMware Aria Operations and VMware Tools. A malicious local user with non-administrative privileges on a VM can exploit this to gain roo...
VMware NSX Manager UI has a stored XSS vulnerability that allows attackers to inject malicious scripts into web pages viewed by other users. This affects organizations using VMware NSX Manager for net...
VMware Cloud Foundation contains a missing authorization vulnerability that allows authenticated users to perform unauthorized actions and access limited sensitive information. This affects organizati...
This DOM-based XSS vulnerability in VMware Aria Automation allows attackers to steal authenticated users' access tokens by tricking them into clicking malicious URLs. The vulnerability affects VMware ...
This vulnerability allows attackers with administrative privileges on a virtual machine to read memory from the host's vmx process, potentially exposing sensitive information. It affects VMware ESXi, ...
VMware Aria Operations contains an information disclosure vulnerability where authenticated non-administrative users can retrieve credentials for outbound plugins if they know a valid service credenti...
VMware Aria Operations for Logs contains an information disclosure vulnerability where authenticated users with View Only Admin permissions can read credentials of integrated VMware products. This aff...
CVE-2024-38830 is a local privilege escalation vulnerability in VMware Aria Operations. Attackers with local administrative access can exploit this to gain root privileges on the appliance. Organizati...
VMware Aria Operations contains a stored cross-site scripting vulnerability that allows authenticated users with editing access to inject malicious scripts into views. This can lead to session hijacki...
CVE-2024-22280 is a SQL injection vulnerability in VMware Aria Automation that allows authenticated attackers to execute arbitrary SQL queries. This enables unauthorized database read/write operations...
CVE-2024-37081 is a local privilege escalation vulnerability in VMware vCenter Server caused by sudo misconfigurations. Authenticated local users with non-administrative privileges can exploit this to...
CVE-2024-22274 is an authenticated remote code execution vulnerability in VMware vCenter Server. Attackers with administrative shell access on the vCenter appliance can execute arbitrary commands on t...
This CVE describes an out-of-bounds write vulnerability in VMware ESXi that could allow a malicious actor with VMX process privileges to escape the sandbox. This affects VMware ESXi hypervisors, poten...
This CVE describes a deserialization vulnerability in VMware Aria Operations that allows authenticated administrators to execute arbitrary commands on the system. The vulnerability could lead to compl...
This vulnerability allows remote code execution in VMware Workspace ONE Access, Identity Manager, and vRealize Automation. An attacker with administrative access can exploit insecure deserialization v...
This vulnerability allows a malicious actor with local access to VMware Workspace ONE Access, Identity Manager, or vRealize Automation systems to escalate privileges to root due to improper permission...
CVE-2022-22945 is a CLI shell injection vulnerability in VMware NSX Edge that allows authenticated attackers with SSH access to execute arbitrary commands as root. This affects organizations using vul...
This vulnerability in VMware ESXi allows attackers with VMX process privileges to access the settingsd service running with high privileges. This could lead to unauthorized configuration changes or pr...
CVE-2021-22050 is a slow HTTP POST denial-of-service vulnerability in VMware ESXi's rhttpproxy service. Attackers with network access can overwhelm the service with multiple slow requests, causing den...
This CVE describes a heap-overflow vulnerability in VMware's CD-ROM device emulation that could allow a malicious actor with access to a virtual machine to potentially execute code on the hypervisor. ...
CVE-2021-21980 is an unauthorized arbitrary file read vulnerability in the vSphere Web Client (FLEX/Flash) that allows attackers with network access to port 443 on vCenter Server to access sensitive i...
CVE-2021-22048 is a privilege escalation vulnerability in VMware vCenter Server's IWA authentication mechanism. Attackers with non-administrative access can exploit it to gain higher privileges, poten...
This vulnerability allows attackers to cause a denial-of-service condition in VMware vCenter Server by sending specially crafted JSON-RPC messages to the VAPI service on port 5480. Organizations runni...
CVE-2021-22012 is an information disclosure vulnerability in VMware vCenter Server's unauthenticated appliance management API. Attackers with network access to port 443 can exploit this to access sens...
CVE-2021-22014 is an authenticated remote code execution vulnerability in VMware vCenter Server's VAMI interface. An attacker with valid credentials and network access to port 5480 can execute arbitra...
This vulnerability in VMware vCenter Server's VAPI service allows attackers with network access to port 443 to send specially crafted JSON-RPC messages and access sensitive information. It affects org...
This vulnerability in VMware vCenter Server allows attackers with network access to port 443 to trigger excessive memory consumption in the VPXD service, causing a denial-of-service condition. It affe...
CVE-2021-21991 is a local privilege escalation vulnerability in VMware vCenter Server that allows authenticated non-administrative users to gain Administrator privileges. This affects vSphere Client (...
This vulnerability allows an attacker with administrative API access to vRealize Operations Manager to modify other users' information, potentially leading to account takeover. It affects vRealize Ope...
CVE-2021-22025 is a broken access control vulnerability in VMware vRealize Operations Manager API that allows unauthenticated attackers to add new nodes to existing vROps clusters. This affects vReali...
This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in the vRealize Operations Manager API. Unauthenticated attackers with network access can exploit this to make the server send req...
VMware NSX contains a stored Cross-Site Scripting vulnerability in the router port due to improper input validation. This allows authenticated attackers to inject malicious scripts that execute when o...
VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability that allows authenticated non-administrative users to inject malicious scripts. When executed by an administrator, ...
VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability where an authenticated admin user can inject malicious scripts. When other users perform delete actions in Agent Co...
VMware Aria Operations contains a stored cross-site scripting vulnerability that allows authenticated users with editing access to cloud providers to inject malicious scripts. When other users view th...
This vulnerability allows a malicious actor with local administrative privileges on a virtual machine with an existing snapshot to trigger an out-of-bounds read in VMware ESXi. This can lead to a deni...