VMware
Vulnerabilities

CVE-2025-22224 CRITICAL

VMware ESXi and Workstation TOCTOU Race Condition Vulnerability

VMware ESXi and Workstation

CVSS 9.3

Added Mar 04

CVE-2025-22225 HIGH Ransomware

VMware ESXi Arbitrary Write Vulnerability

VMware ESXi

CVSS 8.2

Added Mar 04

CVE-2025-22226 HIGH

VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability

VMware ESXi, Workstation, and Fusion

CVSS 7.1

Added Mar 04

CVE-2024-38812 CRITICAL

VMware vCenter Server Heap-Based Buffer Overflow Vulnerability

VMware vCenter Server

CVSS 9.8

Added Nov 20

CVE-2024-38813 HIGH

VMware vCenter Server Privilege Escalation Vulnerability

VMware vCenter Server

CVSS 7.5

Added Nov 20

CVE-2024-37085 MEDIUM Ransomware

VMware ESXi Authentication Bypass Vulnerability

VMware ESXi

CVSS 6.8

Added Jul 30

CVE-2022-22948 MEDIUM

VMware vCenter Server Incorrect Default File Permissions Vulnerability

VMware vCenter Server

CVSS 6.5

Added Jul 17

CVE-2023-34048 CRITICAL

VMware vCenter Server Out-of-Bounds Write Vulnerability

VMware vCenter Server

CVSS 9.8

Added Jan 22

CVE-2023-20867 LOW

VMware Tools Authentication Bypass Vulnerability

VMware Tools

CVSS 3.9

Added Jun 23

CVE-2023-20887 CRITICAL

Vmware Aria Operations for Networks Command Injection Vulnerability

VMware Aria Operations for Networks

CVSS 9.8

Added Jun 22

CVE-2022-22947 CRITICAL

VMware Spring Cloud Gateway Code Injection Vulnerability

VMware Spring Cloud Gateway

CVSS 10

Added May 16

CVE-2022-22960 HIGH

VMware Multiple Products Privilege Escalation Vulnerability

VMware Multiple Products

CVSS 7.8

Added Apr 15

CVE-2022-22954 CRITICAL Ransomware

VMware Workspace ONE Access and Identity Manager Server-Side Template Injection Vulnerability

VMware Workspace ONE Access and Identity Manager

CVSS 9.8

Added Apr 14

CVE-2022-22965 CRITICAL

Spring Framework JDK 9+ Remote Code Execution Vulnerability

VMware Spring Framework

CVSS 9.8

Added Apr 04

CVE-2018-6961 HIGH

VMware SD-WAN Edge by VeloCloud Command Injection Vulnerability

VMware SD-WAN Edge

CVSS 8.1

Added Mar 25

CVE-2021-21973 MEDIUM

VMware vCenter Server and Cloud Foundation Server Side Request Forgery (SSRF) Vulnerability

VMware vCenter Server and Cloud Foundation

CVSS 5.3

Added Mar 07

CVE-2021-21975 HIGH Ransomware

VMware Server Side Request Forgery in vRealize Operations Manager API

VMware vRealize Operations Manager API

CVSS 7.5

Added Jan 18

CVE-2021-22017 MEDIUM

VMware vCenter Server Improper Access Control

VMware vCenter Server

CVSS 5.3

Added Jan 10

CVE-2019-5544 CRITICAL Ransomware

VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability

VMware VMware ESXi and Horizon DaaS

CVSS 9.8

Added Nov 03

CVE-2020-3950 HIGH

VMware Multiple Products Privilege Escalation Vulnerability

VMware Multiple Products

CVSS 7.8

Added Nov 03

CVE-2020-3952 CRITICAL

VMware vCenter Server Information Disclosure Vulnerability

VMware vCenter Server

CVSS 9.8

Added Nov 03

CVE-2020-3992 CRITICAL Ransomware

VMware ESXi OpenSLP Use-After-Free Vulnerability

VMware ESXi

CVSS 9.8

Added Nov 03

CVE-2020-4006 CRITICAL

Multiple VMware Products Command Injection Vulnerability

VMware Multiple Products

CVSS 9.1

Added Nov 03

CVE-2021-21972 CRITICAL Ransomware

VMware vCenter Server Remote Code Execution Vulnerability

VMware vCenter Server

CVSS 9.8

Added Nov 03

CVE-2021-21985 CRITICAL Ransomware

VMware vCenter Server Improper Input Validation Vulnerability

VMware vCenter Server

CVSS 9.8

Added Nov 03

CVE-2021-22005 CRITICAL Ransomware

VMware vCenter Server File Upload Vulnerability

VMware vCenter Server

CVSS 9.8

Added Nov 03