Known Vulnerabilities for products from VMware
Listed below are 20 of the newest known vulnerabilities associated with the vendor "VMware".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-22744 json | In RedisFilterExpressionConverter of spring-ai-redis-store, when a user-controlled string is passed as a filter value for ... | Not Provided | 2026-03-27 | 2026-04-16 |
| CVE-2026-22743 json | Spring AI's spring-ai-neo4j-store contains a Cypher injection vulnerability in Neo4jVectorFilterExpressionConverter. When ... | Not Provided | 2026-03-27 | 2026-04-16 |
| CVE-2026-22742 json | Spring AI's spring-ai-bedrock-converse contains a Server-Side Request Forgery (SSRF) vulnerability in BedrockProxyChatModel... | Not Provided | 2026-03-27 | 2026-04-16 |
| CVE-2026-22738 json | In Spring AI, a SpEL injection vulnerability exists in SimpleVectorStore when a user-supplied value is used as a filter exp... | Not Provided | 2026-03-27 | 2026-04-16 |
| CVE-2026-22732 json | When applications specify HTTP response headers for servlet applications using Spring Security, there is the possibility that... | Not Provided | 2026-03-19 | 2026-04-16 |
| CVE-2026-22731 json | Spring Boot applications with Actuator can be vulnerable to an "Authentication Bypass" vulnerability when an application endp... | Not Provided | 2026-03-19 | 2026-04-16 |
| CVE-2026-22730 json | A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-ba... | Not Provided | 2026-03-18 | 2026-04-01 |
| CVE-2026-22729 json | A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass meta... | Not Provided | 2026-03-18 | 2026-04-01 |
| CVE-2024-22256 json | 4.3 - MEDIUM | 2024-03-07 | 2024-03-12 | |
| CVE-2024-22233 json | 7.5 - HIGH | 2024-01-22 | 2024-01-29 | |
| CVE-2023-46120 json | The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxB... | 7.5 - HIGH | 2023-10-25 | 2023-11-01 |
| CVE-2023-46118 json | RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it v... | 4.9 - MEDIUM | 2023-10-25 | 2023-12-02 |
| CVE-2023-44794 json | An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload t... | 9.8 - CRITICAL | 2023-10-25 | 2023-10-31 |
| CVE-2023-34063 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.3 - HIGH | 2024-01-16 | 2024-01-25 |
| CVE-2023-34059 json | open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-ro... | 7 - HIGH | 2023-10-27 | 2023-11-08 |
| CVE-2023-34058 json | VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation ... | 7.5 - HIGH | 2023-10-27 | 2024-02-01 |
| CVE-2023-34057 json | VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtua... | 7.8 - HIGH | 2023-10-27 | 2023-11-07 |
| CVE-2023-34056 json | vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges... | 4.3 - MEDIUM | 2023-10-25 | 2023-10-31 |
| CVE-2023-34055 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-11-28 | 2023-12-04 |
| CVE-2023-34053 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-11-28 | 2023-12-04 |
Known software with vulnerabilities from VMware
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Vmware | Ace | - |
| Application | Vmware | Ace 2 | - |
| Application | Vmware | Airwatch | 7.3.0.0 |
| Application | Vmware | Airwatch Console | 9.1.0.0 |
| Application | Vmware | Airwatch Launcher | 3.2.2 |
| Application | Vmware | App Volumes | 2.10 |
| Application | Vmware | Capacityiq | 1.0.0 |
| Application | Vmware | Capacity Planner | 2.6.2.22938 |
| Application | Vmware | Cloud Foundation | - |
| Application | Vmware | Consolidated Backup Framework | 1.5.0.2192 |
| Application | Vmware | Converter | 1.0.0 |
| Application | Vmware | Converter Enterprise Client | 4.0.3.62417 |
| Application | Vmware | Data Recovery | 1.2.0 |
| Operating System | Vmware | Esx | - |
| Operating System | Vmware | Esxi | 3.5 |
| Application | Vmware | Esx Server | - |
| Application | Vmware | Fusion | - |
| Application | Vmware | Fusion Pro | 8.0.0 |
| Application | Vmware | Gemfire | 9.7.0 |
| Application | Vmware | Gsx Server | - |