Known Vulnerabilities for products from Vmware
Listed below are 20 of the newest known vulnerabilities associated with the vendor "Vmware".
These CVEs are retrieved based on exact matches on listed vendor information (CPE data) as well as a keyword search to ensure the newest vulnerabilities with no officially listed vendor information are still displayed.
Data on known vulnerable products is also displayed based on information from known CPEs, each product links to its respective vulnerability page.
Known Vulnerabilities
| CVE | Shortened Description | Severity | Publish Date | Last Modified |
|---|---|---|---|---|
| CVE-2026-22730 json | A critical SQL injection vulnerability in Spring AI's MariaDBFilterExpressionConverter allows attackers to bypass metadata-ba... | Not Provided | 2026-03-18 | 2026-04-01 |
| CVE-2026-22729 json | A JSONPath injection vulnerability in Spring AI's AbstractFilterExpressionConverter allows authenticated users to bypass meta... | Not Provided | 2026-03-18 | 2026-04-01 |
| CVE-2024-22256 json | 4.3 - MEDIUM | 2024-03-07 | 2024-03-12 | |
| CVE-2024-22233 json | 7.5 - HIGH | 2024-01-22 | 2024-01-29 | |
| CVE-2023-52975 json | Not Provided | 2025-03-27 | 2026-01-19 | |
| CVE-2023-46120 json | The RabbitMQ Java client library allows Java and JVM-based applications to connect to and interact with RabbitMQ nodes. `maxB... | 7.5 - HIGH | 2023-10-25 | 2023-11-01 |
| CVE-2023-46118 json | RabbitMQ is a multi-protocol messaging and streaming broker. HTTP API did not enforce an HTTP request body limit, making it v... | 4.9 - MEDIUM | 2023-10-25 | 2023-12-02 |
| CVE-2023-44794 json | An issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privileges via a crafted payload t... | 9.8 - CRITICAL | 2023-10-25 | 2023-10-31 |
| CVE-2023-34063 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 8.3 - HIGH | 2024-01-16 | 2024-01-25 |
| CVE-2023-34059 json | open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-ro... | 7 - HIGH | 2023-10-27 | 2023-11-08 |
| CVE-2023-34058 json | VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation ... | 7.5 - HIGH | 2023-10-27 | 2024-02-01 |
| CVE-2023-34057 json | VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtua... | 7.8 - HIGH | 2023-10-27 | 2023-11-07 |
| CVE-2023-34056 json | vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges... | 4.3 - MEDIUM | 2023-10-25 | 2023-10-31 |
| CVE-2023-34055 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 6.5 - MEDIUM | 2023-11-28 | 2023-12-04 |
| CVE-2023-34053 json | ** RESERVED ** This candidate has been reserved by an organization or individual that will use it when announcing a new secur... | 7.5 - HIGH | 2023-11-28 | 2023-12-04 |
| CVE-2023-34052 json | VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with non-administrative access t... | 7.8 - HIGH | 2023-10-20 | 2023-10-30 |
| CVE-2023-34051 json | VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inj... | 9.8 - CRITICAL | 2023-10-20 | 2023-10-30 |
| CVE-2023-34050 json | In spring AMQP versions 1.0.0 to 2.4.16 and 3.0.0 to 3.0.9 , allowed list patterns for deserializable class names w... | 4.3 - MEDIUM | 2023-10-19 | 2023-10-25 |
| CVE-2023-34048 json | vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor... | 9.8 - CRITICAL | 2023-10-25 | 2023-10-31 |
| CVE-2023-34047 json | A batch loader function in Spring for GraphQL versions 1.1.0 - 1.1.5 and 1.2.0 - 1.2.2 may be exposed to GraphQL context with... | 4.3 - MEDIUM | 2023-09-20 | 2023-10-18 |
Known software with vulnerabilities from Vmware
| Type | Vendor | Product | Version |
|---|---|---|---|
| Application | Vmware | Ace | - |
| Application | Vmware | Ace 2 | - |
| Application | Vmware | Airwatch | 7.3.0.0 |
| Application | Vmware | Airwatch Console | 9.1.0.0 |
| Application | Vmware | Airwatch Launcher | 3.2.2 |
| Application | Vmware | App Volumes | 2.10 |
| Application | Vmware | Capacityiq | 1.0.0 |
| Application | Vmware | Capacity Planner | 2.6.2.22938 |
| Application | Vmware | Cloud Foundation | - |
| Application | Vmware | Consolidated Backup Framework | 1.5.0.2192 |
| Application | Vmware | Converter | 1.0.0 |
| Application | Vmware | Converter Enterprise Client | 4.0.3.62417 |
| Application | Vmware | Data Recovery | 1.2.0 |
| Operating System | Vmware | Esx | - |
| Operating System | Vmware | Esxi | 3.5 |
| Application | Vmware | Esx Server | - |
| Application | Vmware | Fusion | - |
| Application | Vmware | Fusion Pro | 8.0.0 |
| Application | Vmware | Gemfire | 9.7.0 |
| Application | Vmware | Gsx Server | - |