Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Telco_cloud_platform
(Vmware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 7 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2025-06-04 | CVE-2025-22243 | VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack due to improper input validation. | Vmware_nsx, Cloud_foundation, Telco_cloud_infrastructure, Telco_cloud_platform | N/A | ||
| 2025-06-04 | CVE-2025-22244 | VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the gateway firewall due to improper input validation. | Vmware_nsx, Cloud_foundation, Telco_cloud_infrastructure, Telco_cloud_platform | N/A | ||
| 2025-06-04 | CVE-2025-22245 | VMware NSX contains a stored Cross-Site Scripting (XSS) vulnerability in the router port due to improper input validation. | Vmware_nsx, Cloud_foundation, Telco_cloud_infrastructure, Telco_cloud_platform | N/A | ||
| 2025-05-13 | CVE-2025-22249 | VMware Aria automation contains a DOM based Cross-Site Scripting (XSS) vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL. | Aria_automation, Cloud_foundation, Telco_cloud_platform | N/A | ||
| 2025-03-04 | CVE-2025-22225 | VMware ESXi contains an arbitrary write vulnerability. A malicious actor with privileges within the VMX process may trigger an arbitrary kernel write leading to an escape of the sandbox. | Cloud_foundation, Esxi, Telco_cloud_infrastructure, Telco_cloud_platform | N/A | ||
| 2025-03-04 | CVE-2025-22224 | VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | Cloud_foundation, Esxi, Telco_cloud_infrastructure, Telco_cloud_platform, Workstation | 8.2 | ||
| 2025-03-04 | CVE-2025-22226 | VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process. | Cloud_foundation, Esxi, Fusion, Telco_cloud_infrastructure, Telco_cloud_platform, Workstation | 6.0 |