VYPR

Vendor CVEs

VMware

All CVEs

967 total · sorted by risk
  • CVE-2017-4912HigJun 8, 2017
    risk 0.51cvss 7.8epss 0.00

    VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on…

  • CVE-2017-4911HigJun 8, 2017
    risk 0.51cvss 7.8epss 0.00

    VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds write vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows…

  • CVE-2017-4910HigJun 8, 2017
    risk 0.51cvss 7.8epss 0.00

    VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows…

  • CVE-2017-4909HigJun 8, 2017
    risk 0.51cvss 7.8epss 0.00

    VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain a heap buffer-overflow vulnerability in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the…

  • CVE-2017-4908HigJun 8, 2017
    risk 0.51cvss 7.8epss 0.00

    VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows…

  • CVE-2016-7086HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.00

    The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory.

  • CVE-2016-7085HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.00

    Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.

  • CVE-2016-7082HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.00

    VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via…

  • CVE-2016-7081HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.01

    Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified…

  • CVE-2016-7080HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.00

    The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7079.

  • CVE-2016-7079HigDec 29, 2016
    risk 0.51cvss 7.8epss 0.00

    The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7080.

  • CVE-2016-5335HigAug 31, 2016
    risk 0.51cvss 7.8epss 0.00

    VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x before 7.1 allow local users to obtain root access via unspecified vectors.

  • CVE-2010-2798HigSep 8, 2010
    risk 0.51cvss 7.8epss 0.00

    The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel directory entries, which allows local users to cause a denial of service (NULL pointer dereference and panic) and possibly…

  • CVE-2010-2524HigSep 8, 2010
    risk 0.51cvss 7.8epss 0.00

    The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyring for the dns_resolver upcall in the cifs.upcall userspace helper, which allows local users to spoof the results of DNS…

  • CVE-2010-2492HigSep 8, 2010
    risk 0.51cvss 7.8epss 0.00

    Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users to gain privileges or cause a denial of service (system crash) via unspecified vectors.

  • CVE-2009-0034HigJan 30, 2009
    risk 0.51cvss 7.8epss 0.00

    parse.c in sudo 1.6.9p17 through 1.6.9p19 does not properly interpret a system group (aka %group) in the sudoers file during authorization decisions for a user who belongs to that group, which allows local users to leverage an applicable sudoers file and gain root privileges via…

  • CVE-2014-0225HigMay 25, 2017
    risk 0.50cvss 8.8epss 0.02

    When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. This enabled an XXE attack.

  • CVE-2016-7459HigDec 29, 2016
    risk 0.50cvss 7.7epss 0.02

    VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote authenticated users to read arbitrary files via a (1) Log Browser, (2) Distributed Switch setup, or (3) Content Library XML document containing an external entity declaration in conjunction with an entity…

  • CVE-2016-2076HigApr 15, 2016
    risk 0.50cvss 7.6epss 0.01

    Client Integration Plugin (CIP) in VMware vCenter Server 5.5 U3a, U3b, and U3c and 6.0 before U2; vCloud Director 5.5.5; and vRealize Automation Identity Appliance 6.2.4 before 6.2.4.1 mishandles session content, which allows remote attackers to hijack sessions via a crafted web…

  • CVE-2004-0079HigNov 23, 2004
    risk 0.50cvss 7.5epss 0.10

    The do_change_cipher_spec function in OpenSSL 0.9.6c to 0.9.6k, and 0.9.7a to 0.9.7c, allows remote attackers to cause a denial of service (crash) via a crafted SSL/TLS handshake that triggers a null dereference.

  • CVE-2026-41856HigJun 11, 2026
    risk 0.49cvss 7.5epss 0.00

    The Spring GraphQL annotation detection mechanism for @Controller data fetchers may not correctly resolve annotations on methods within type hierarchies. This can be an issue if such annotations are used for authorization decisions. When all conditions are met, security…

  • CVE-2026-40988HigJun 10, 2026
    risk 0.49cvss 7.5epss 0.00

    An application using spring-security-saml2-service-provider and the REDIRECT binding for SAML 2.0 Login or Logout may be vulnerable to a denial of service by way of an unbounded writer that inflates the compressed SAML payload into memory. Affected versions: Spring Security…

  • CVE-2026-41842HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Spring MVC and WebFlux applications are vulnerable to Denial of Service (DoS) attacks when resolving static resources. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18; 6.1.0 through 6.1.27; 5.3.0 through 5.3.48.

  • CVE-2026-41007HigJun 9, 2026
    risk 0.49cvss 7.5epss 0.00

    Spring HATEOAS maintains an unbounded static cache of StringLinkRelation instances keyed on attacker-supplied strings. Affected versions: Spring HATEOAS 1.5.0 through 1.5.6; 2.3.0 through 2.3.4; 2.4.0 through 2.4.1; 2.5.0 through 2.5.2; 3.0.0 through 3.0.3.

  • CVE-2026-41705HigMay 9, 2026
    risk 0.49cvss 8.6epss 0.00

    Spring AI's MilvusVectorStore#doDelete(List) implementation is vulnerable to filter-expression injection via unsanitized document IDs. Spring AI 1.0.x: affected from 1.0.0 through latest 1.0.x; upgrade to 1.0.7 or greater. Spring AI 1.1.x: affected from 1.1.0 through latest…

  • CVE-2026-40972HigApr 28, 2026
    risk 0.49cvss 7.5epss 0.00

    An attacker on the same network as the remote application may be able to utilize a timing attack to discover information about the remote secret. In extreme circumstances this could result in the attacker determining the secret and uploading changed classes, thereby achieving…

  • CVE-2026-22754HigApr 22, 2026
    risk 0.49cvss 7.5epss 0.00

    Vulnerability in Spring Spring Security. If an application uses <sec:intercept-url servlet-path="/servlet-path" pattern="/endpoint/**"/> to define the servlet path for computing a path matcher, then the servlet path is not included and the related authorization rules are not…

  • CVE-2026-22753HigApr 22, 2026
    risk 0.49cvss 7.5epss 0.00

    Vulnerability in Spring Spring Security. If an application is using securityMatchers(String) and a PathPatternRequestMatcher.Builder bean to prepend a servlet path, matching requests to that filter chain may fail and its related security components will not be exercised as…

  • CVE-2026-22742HigMar 27, 2026
    risk 0.49cvss 8.6epss 0.00

    Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery (SSRF) vulnerability in BedrockProxyChatModel when processing multimodal messages that include user-supplied media URLs. Insufficient validation of those URLs allows an attacker to induce the server…

  • CVE-2025-41252HigSep 29, 2025
    risk 0.49cvss 7.5epss 0.01

    Description: VMware NSX contains a username enumeration vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially leading to unauthorized access attempts. Impact: Username enumeration → facilitates unauthorized access. …

  • CVE-2025-41246HigSep 29, 2025
    risk 0.49cvss 7.6epss 0.00

    VMware Tools for Windows contains an improper authorisation vulnerability due to the way it handles user access controls. A malicious actor with non-administrative privileges on a guest VM, who is already authenticated through vCenter or ESX may exploit this issue to access…

  • CVE-2017-4928HigNov 17, 2017
    risk 0.49cvss 7.5epss 0.01

    The flash-based vSphere Web Client (6.0 prior to 6.0 U3c and 5.5 prior to 5.5 U3f) i.e. not the new HTML5-based vSphere Client, contains SSRF and CRLF injection issues due to improper neutralization of URLs. An attacker may exploit these issues by sending a POST request with…

  • CVE-2017-4927HigNov 17, 2017
    risk 0.49cvss 7.5epss 0.02

    VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) does not correctly handle specially crafted LDAP network packets which may allow for remote denial of service.

  • CVE-2016-4019HigJan 18, 2017
    risk 0.49cvss 7.5epss 0.02

    Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 104477.

  • CVE-2016-3413HigJan 18, 2017
    risk 0.49cvss 7.5epss 0.02

    Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 103996.

  • CVE-2016-3405HigJan 18, 2017
    risk 0.49cvss 7.5epss 0.02

    Multiple unspecified vulnerabilities in Zimbra Collaboration before 8.7.0 allow remote attackers to affect integrity via unknown vectors, aka bugs 103961 and 104828.

  • CVE-2016-3404HigJan 18, 2017
    risk 0.49cvss 7.5epss 0.02

    Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect integrity via unknown vectors, aka bug 103959.

  • CVE-2016-3402HigJan 18, 2017
    risk 0.49cvss 7.5epss 0.02

    Unspecified vulnerability in Zimbra Collaboration before 8.7.0 allows remote attackers to affect confidentiality via unknown vectors, aka bug 99167.

  • CVE-2016-9879HigJan 6, 2017
    risk 0.49cvss 7.5epss 0.01

    An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. Spring Security does not consider URL path parameters when processing security constraints. By adding a URL path parameter with an encoded "/" to a request, an attacker…

  • CVE-2010-4251HigMay 26, 2011
    risk 0.49cvss 7.5epss 0.04

    The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote attackers to cause a denial of service (memory consumption) by sending a large amount of network traffic, as demonstrated by…

  • CVE-2009-3547HigNov 4, 2009
    risk 0.49cvss 7.0epss 0.05

    Multiple race conditions in fs/pipe.c in the Linux kernel before 2.6.32-rc6 allow local users to cause a denial of service (NULL pointer dereference and system crash) or gain privileges by attempting to open an anonymous pipe via a /proc/*/fd/ pathname.

  • CVE-2024-22246HigApr 2, 2024
    risk 0.48cvss 7.4epss 0.00

    VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. A malicious actor with local access to the Edge Router UI during activation may be able to perform a command injection attack that could lead to full…

  • CVE-2018-6979HigOct 5, 2018
    risk 0.48cvss 7.4epss 0.01

    The VMware Workspace ONE Unified Endpoint Management Console (A/W Console) 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML…

  • CVE-2015-6934HigDec 21, 2015
    risk 0.48cvss 7.3epss 0.05

    Serialized-object interfaces in VMware vRealize Orchestrator 6.x, vCenter Orchestrator 5.x, vRealize Operations 6.x, vCenter Operations 5.x, and vCenter Application Discovery Manager (vADM) 7.x allow remote attackers to execute arbitrary commands via a crafted serialized Java…

  • CVE-2025-62627HigMay 13, 2026
    risk 0.47cvss epss 0.00

    An untrusted pointer dereference in the ionic cloud driver for VMWare ESXi could allow an attacker with an unprivileged VM to read kernel memory or co-located guest VM memory, potentially resulting in loss of confidentiality or availability.

  • CVE-2026-41845HigJun 9, 2026
    risk 0.46cvss 7.1epss 0.00

    Due to incorrect escaping, the use of JavaScriptUtils.javaScriptEscape() may lead to JavaScript code injection in the browser, potentially resulting in a cross-site scripting (XSS) vulnerability. Affected versions: Spring Framework 7.0.0 through 7.0.7; 6.2.0 through 6.2.18;…

  • CVE-2026-41713HigMay 12, 2026
    risk 0.46cvss 8.2epss 0.00

    A malicious user could craft input that is stored in conversation memory and later interpreted by the model in an unintended way. Applications using the affected advisor with user-controlled input may be susceptible to manipulation of model behavior across conversation turns.

  • CVE-2026-40973HigApr 28, 2026
    risk 0.46cvss 7.0epss 0.00

    A local attacker on the same host as the application may be able to take control of the directory used by `ApplicationTemp`. When `server.servlet.session.persistent` is set to `true` and the attack persists across application restarts, this may allow the attacker to read session…

  • CVE-2025-48700MedKEVJun 23, 2025
    risk 0.46cvss 6.1epss 0.02

    An issue was discovered in Zimbra Collaboration (ZCS) 8.8.15 and 9.0 and 10.0 and 10.1. A Cross-Site Scripting (XSS) vulnerability in the Zimbra Classic UI allows attackers to execute arbitrary JavaScript within the user's session, potentially leading to unauthorized access to…

  • CVE-2022-22977HigMay 24, 2022
    risk 0.46cvss 7.1epss 0.01

    VMware Tools for Windows(12.0.0, 11.x.y and 10.x.y) contains an XML External Entity (XXE) vulnerability. A malicious actor with non-administrative local user privileges in the Windows guest OS, where VMware Tools is installed, may exploit this issue leading to a…

Page 3 of 20