VMware has patched arbitrary file read and SSRF vCenter Server vulnerabilities (CVE-2021-21980, CVE-2021-22049) that affect VMware vSphere Web Client.
VMware has issued a security fix for a VMware vCenter Server IWA privilege escalation vulnerability (CVE-2021-22048).
VMware issued a security advisory for multiple vulnerabilities that impact VMware vCenter Server. One of those fixed issues is a Critical vulnerability (CVE-2021-22005) exploited in the wild.
Security researchers have spotted thousands of vulnerable unpatched VMware vCenter servers exposed on the internet. Multiple proof-of-concepts (PoCs) have also been posted online for exploits against a remote code execution (RCE) vulnerability CVE-2021-21985.
VMware has patched multiple vulnerabilities, to include one Critical vulnerability (CVE-2021-21972) that has exposed thousands of servers online.
VMware issued a security advisory for multiple vulnerabilities that impact VMware ESXi and vCenter Server products. The vulnerability severity ranges from a CVSS base score of 4.2 to 7.7.