VYPR

Infrastructure

by VMware

CVEs (4)

  • CVE-2025-22224CriKEVMar 4, 2025
    risk 0.73cvss 9.3epss 0.02

    VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process…

  • CVE-2026-22719KEVFeb 25, 2026
    risk 0.12cvss epss 0.17

    VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress.  …

  • CVE-2011-2217Jun 6, 2011
    risk 0.06cvss epss 0.42

    Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly…

  • CVE-2006-3589Jul 21, 2006
    risk 0.00cvss epss 0.00

    vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.