Vulnerabilities > Vmware > Cloud Foundation > Critical

DATE CVE VULNERABILITY TITLE RISK
2020-11-23 CVE-2020-4006 OS Command Injection vulnerability in VMWare products
VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address have a command injection vulnerability.
network
low complexity
vmware CWE-78
critical
 9.1
9.1
2020-10-20 CVE-2020-3992 Use After Free vulnerability in VMWare Esxi 6.5/6.7
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue.
network
low complexity
vmware CWE-416
critical
 9.8
9.8