Where
AND
-Infinity
0

Trending

Last week
Last month
Last year

Vendor Risk Score

See how vmware compares to other vendors in security performance

View Risk Score →

Software

vmware player
27
vmware workstation and esxi
26
vmware vcenter
18
vmware ace
17
vmware esxi
15
vmware fusion
15
vmware server
15
vmware workstation
15
vmware vcenter server and cloud foundation
14
vmware esxi and horizon daas
13
vmware spring framework
8
vmware vrealize automation
8
vmware workspace one access and identity manager
8
vmware vrealize operations
7
vmware esx
6
vmware cloud foundation
5
vmware movie decoder
5
vmware vcenter server appliance
5
vmware spring boot
4
vmware spring boot tools
4
vmware vrealize suite lifecycle manager
4
vmware vsphere data protection
4
vmware workspace one access
4
vmware workspace one assist
4
vmware carbon black
3
vmware identity manager connector
3
vmware spring security
3
vmware vcenter server
3
vmware vsphere client
3
vmware access
2
vmware horizon view
2
vmware hyperic server
2
vmware photon os
2
vmware spring integration
2
vmware telco cloud infrastructure
2
vmware telco cloud platform
2
vmware vrealize log insight
2
vmware vrealize network insight
2
vmware
1
vmware airwatch
1
vmware application remote collector
1
vmware aria automation
1
vmware aria operations
1
vmware carbon black cloud
1
vmware cloud director
1
vmware cloud foundry manifest yml support
1
vmware concourse ci pipeline editor
1
vmware enhanced authentication plug-in
1
vmware esxi and workstation
1
vmware gemfire
1

VMware Spring Cloud ConfigPath Traversal

Risk 66
Severity
9.1
First published (updated )
CVE-2026-40982

VMware Spring BootIn certain circumstances, Spring Boot's default web security is ineffective allowing unauthorized ac…

Risk 66
Severity
9.1
First published (updated )
CVE-2026-40976

VMware Spring BootSpring Boot's Cassandra auto-configuration does not perform hostname verification when establishing …

Risk 86
Severity
9.8
First published (updated )
CVE-2026-40974

VMware Spring BootWhen configured to use an SSL bundle, Spring Boot's RabbitMQ auto-configuration does not perform hos…

Risk 66
Severity
9.1
First published (updated )
CVE-2026-40971

VMware Spring AiSpEL Injection via Unescaped Filter Key in SimpleVectorStore Leads to Remote Code Execution

Risk 86
Severity
9.8
First published (updated )
CVE-2026-22738
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

maven/org.springframework.security:spring-security-webUnder Some Conditions Spring Security HTTP Headers Are not Written

Risk 70
Severity
9.1
First published (updated )
CVE-2026-22732

VMware Aria OperationsVMware Aria Operations stored cross-site scripting vulnerability

Risk 74
Severity
9
First published (updated )
CVE-2026-22720

VMware ESXiPVSCSI heap-overflow vulnerability

Risk 81
Severity
9.3
First published (updated )
CVE-2025-41238

VMware ESXiVMCI integer-underflow vulnerability

Risk 81
Severity
9.3
First published (updated )
CVE-2025-41237

VMware ESXiVMXNET3 integer-overflow vulnerability

Risk 81
Severity
9.3
First published (updated )
CVE-2025-41236
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

VMware Spring SecuritySpring Security authorization bypass for method security annotations on private methods

Risk 66
Severity
9.1
First published (updated )
CVE-2025-41232

VMware ESXiVMware ESXi and Workstation TOCTOU Race Condition Vulnerability

Risk 97
Severity
9.3
Exploited
Zeroday
First published (updated )
CVE-2025-22224

VMware Aria Operations for LogsVMware Aria Operations for Logs stored cross-site scripting vulnerability (CVE-2025-22219)

Risk 78
Severity
9
First published (updated )
CVE-2025-22219

VMware vCenter ServerVMware vCenter Server Privilege Escalation Vulnerability

Risk 99
Severity
9.8
Exploited
Zeroday
First published (updated )
CVE-2024-38813

VMware vCenter ServerVMware vCenter Server Heap-Based Buffer Overflow Vulnerability

Risk 99
Severity
9.8
Exploited
Zeroday
First published (updated )
CVE-2024-38812
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

maven/org.springframework.cloud:spring-cloud-skipperRemote code execution in Spring Cloud Data Flow

Risk 89
Severity
9.8
First published (updated )
CVE-2024-37084

VMware vCenter ServervCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. …

Risk 90
Severity
9.8
First published (updated )
CVE-2024-37080

VMware vCenter ServerBroadcom VMware vCenter Server Out-of-bounds Write Vulnerability

Risk 99
Severity
9.8
Exploited
First published (updated )
CVE-2024-37079

VMware WorkstationUse After Free

Risk 81
Severity
9.3
First published (updated )
CVE-2024-22267

VMware ESXiUse-after-free vulnerability

Risk 81
Severity
9.3
First published (updated )
CVE-2024-22253
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

VMware ESXiUse-after-free vulnerability

Risk 82
Severity
9.3
First published (updated )
CVE-2024-22252

VMware Enhanced Authentication Plug-inArbitrary Authentication Relay Vulnerability in Deprecated EAP Browser Plugin

Risk 59
Severity
9.6
EPSS
0.04%
First published (updated )
CVE-2024-22245

VMware Aria AutomationAria Automation contains a Missing Access Control vulnerability. An authenticated malicious actor …

Risk 81
Severity
9.9
First published (updated )
CVE-2023-34063

Microsoft Power PlatformMicrosoft Power Platform Connector Spoofing Vulnerability

Risk 93
Severity
9.6
Zeroday
First published (updated )
CVE-2023-36019

VMware Cloud DirectorVMware Cloud Director Appliance contains an authentication bypass vulnerability in case VMware Cloud…

Risk 89
Severity
9.8
First published (updated )
CVE-2023-34060
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

VMware vCenter ServerVMware vCenter Server Out-of-Bounds Write Vulnerability

Risk 99
Severity
9.8
Exploited
Zeroday
First published (updated )
CVE-2023-34048

maven/cn.dev33:sa-token-coreAn issue in Dromara SaToken version 1.36.0 and before allows a remote attacker to escalate privilege…

Risk 89
Severity
9.8
First published (updated )
CVE-2023-44794

VMware Aria Operations for LogsVMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated,…

Risk 86
Severity
9.8
First published (updated )
CVE-2023-34051

VMware Aria Operations for NetworksAria Operations for Networks contains an Authentication Bypass vulnerability due to a lack of unique…

Risk 86
Severity
9.8
First published (updated )
CVE-2023-34039

redhat/spring-securityUsing "**" as a pattern in Spring Security configuration for WebFlux creates a mismatch in pattern m…

Risk 91
Severity
9.8
First published (updated )
CVE-2023-34034
Free Weekly Intel

Don't miss critical vulnerabilities

Join thousands of security professionals who receive our weekly digest of trending CVEs, zero-days, and exploited vulnerabilities.

No spam. Unsubscribe anytime.

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2026 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203