Vulnerabilities > Vmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2021-10-28 | CVE-2021-22097 | Deserialization of Untrusted Data vulnerability in VMWare Spring Advanced Message Queuing Protocol In Spring AMQP versions 2.2.0 - 2.2.18 and 2.3.0 - 2.3.10, the Spring AMQP Message object, in its toString() method, will deserialize a body for a message with content type application/x-java-serialized-object. | 6.8 |
2021-10-21 | CVE-2021-22034 | Unspecified vulnerability in VMWare Vrealize Operations Tenant Releases prior to VMware vRealize Operations Tenant App 8.6 contain an Information Disclosure Vulnerability. | 5.0 |
2021-10-13 | CVE-2021-22033 | Server-Side Request Forgery (SSRF) vulnerability in VMWare products Releases prior to VMware vRealize Operations 8.6 contain a Server Side Request Forgery (SSRF) vulnerability. | 4.0 |
2021-10-13 | CVE-2021-22035 | Injection vulnerability in VMWare products VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. | 4.0 |
2021-10-13 | CVE-2021-22036 | Information Exposure vulnerability in VMWare Vrealize Automation and Vrealize Orchestrator VMware vRealize Orchestrator ((8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. | 4.3 |
2021-09-23 | CVE-2021-22015 | Files or Directories Accessible to External Parties vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. | 7.8 |
2021-09-23 | CVE-2021-22016 | Cross-site Scripting vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a reflected cross-site scripting vulnerability due to a lack of input sanitization. | 4.3 |
2021-09-23 | CVE-2021-22017 | Unspecified vulnerability in VMWare Vcenter Server 6.7 Rhttproxy as used in vCenter Server contains a vulnerability due to improper implementation of URI normalization. | 5.0 |
2021-09-23 | CVE-2021-22018 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains an arbitrary file deletion vulnerability in a VMware vSphere Life-cycle Manager plug-in. | 6.4 |
2021-09-23 | CVE-2021-22019 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a denial-of-service vulnerability in VAPI (vCenter API) service. | 5.0 |