Vulnerabilities in vmware
225 resultsCVE-2017-4926—VMware vCenter Server (6.5 prior to 6.5 U1) contains a vulnerability that may allow for stored cross-site scripting (XSS). An attacker with EPSS 0.8%CVE-2025-41228MEDIUMVMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) VulnerabilityEPSS 0.7%CVE-2025-41240CRITICALMounted Kubernetes Secrets under a predictable path located within the web server document rootEPSS 0.7%CVE-2024-22231MEDIUMSyndic cache directory creation is vulnerable to a directory traversal attackEPSS 0.7%CVE-2026-22721MEDIUMVMware Aria Operations privilege escalation vulnerabilityEPSS 0.7%CVE-2023-34056MEDIUMVMware vCenter Server Partial Information Disclosure VulnerabilityEPSS 0.7%CVE-2017-4917—VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. TEPSS 0.6%CVE-2025-22218HIGHVMware Aria Operations for Logs information disclosure vulnerabilityEPSS 0.6%CVE-2025-41250HIGHHeader injection vulnerabilityEPSS 0.6%CVE-2020-3947—VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 11.5.2) contain a use-after vulnerability in vmnetdhcp. Successful exploitatEPSS 0.6%CVE-2024-38820LOWCVE-2024-38820: Spring Framework DataBinder Case Sensitive Match ExceptionEPSS 0.6%CVE-2025-41229HIGHVMware Cloud Foundation Directory Traversal VulnerabilityEPSS 0.6%CVE-2025-22219MEDIUMVMware Aria Operations for Logs stored cross-site scripting vulnerability (CVE-2025-22219)EPSS 0.6%CVE-2017-4924—VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-EPSS 0.6%CVE-2020-3965—VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x beEPSS 0.6%CVE-2025-41245MEDIUMVMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)EPSS 0.6%CVE-2020-3962—VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x beEPSS 0.6%CVE-2020-3968—VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x beEPSS 0.6%CVE-2020-3963—VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x beEPSS 0.5%CVE-2024-22264HIGHVMware Avi Load Balancer updates address multiple vulnerabilitiesEPSS 0.5%