Product:

Cloud_foundation

(Vmware)
Repositories

Unknown:

This might be proprietary software.
#Vulnerabilities 122
Date Id Summary Products Score Patch Annotated
2025-05-13 CVE-2025-22249 VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL. Aria_automation, Cloud_foundation, Telco_cloud_platform N/A
2024-05-21 CVE-2024-22274 The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system. Cloud_foundation, Vcenter_server N/A
2024-05-21 CVE-2024-22275 The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data. Cloud_foundation, Vcenter_server N/A
2024-06-25 CVE-2024-37086 VMware ESXi contains an out-of-bounds read vulnerability. A malicious actor with local administrative privileges on a virtual machine with an existing snapshot may trigger an out-of-bounds read leading to a denial-of-service condition of the host. Cloud_foundation, Esxi N/A
2024-06-25 CVE-2024-37087 The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition. Cloud_foundation, Vcenter_server N/A
2024-01-16 CVE-2023-34063 Aria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor may exploit this vulnerability leading to unauthorized access to remote organizations and workflows. Aria_automation, Cloud_foundation 8.3