Vulnerabilities > Vmware > Low

DATE CVE VULNERABILITY TITLE RISK
2021-08-30 CVE-2021-22021 Cross-site Scripting vulnerability in VMWare Cloud Foundation and Vrealize LOG Insight
VMware vRealize Log Insight (8.x prior to 8.4) contains a Cross Site Scripting (XSS) vulnerability due to improper user input validation.
network
vmware CWE-79
3.5
3.5
2021-06-28 CVE-2021-32719 Cross-site Scripting vulnerability in VMWare Rabbitmq
RabbitMQ is a multi-protocol messaging broker.
network
vmware CWE-79
3.5
3.5
2021-06-28 CVE-2021-32718 Cross-site Scripting vulnerability in VMWare Rabbitmq
RabbitMQ is a multi-protocol messaging broker.
network
vmware CWE-79
3.5
3.5
2021-05-24 CVE-2021-21989 Out-of-bounds Read vulnerability in VMWare Horizon Client and Workstation
VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser).
local
low complexity
vmware CWE-125
2.1
2.1
2021-05-24 CVE-2021-21988 Out-of-bounds Read vulnerability in VMWare Horizon Client and Workstation
VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser).
local
low complexity
vmware CWE-125
2.1
2.1
2021-05-24 CVE-2021-21987 Out-of-bounds Read vulnerability in VMWare Horizon Client and Workstation
VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser).
local
low complexity
vmware CWE-125
2.1
2.1
2020-12-21 CVE-2020-3999 NULL Pointer Dereference vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo.
local
low complexity
vmware CWE-476
2.1
2.1
2020-12-16 CVE-2020-4008 Unspecified vulnerability in VMWare Carbon Black Cloud
The installer of the macOS Sensor for VMware Carbon Black Cloud (prior to 3.5.1) handles certain files in an insecure way.
local
vmware
3.3
3.3
2020-10-23 CVE-2020-3997 Cross-site Scripting vulnerability in VMWare Horizon
VMware Horizon Server (7.x prior to 7.10.3 or 7.13.0) contains a Cross Site Scripting (XSS) vulnerability.
network
vmware CWE-79
3.5
3.5
2020-10-22 CVE-2020-3996 Unspecified vulnerability in VMWare Velero
Velero (prior to 1.4.3 and 1.5.2) in some instances doesn’t properly manage volume identifiers which may result in information leakage to unauthorized users.
local
low complexity
vmware
2.1
2.1