聚合 NVD、CVE 及多源情报,深度解析 RCE 等高危风险。系统集成 CVSS 与 EPSS 模型,动态追踪 Exploit 资源与 PoC 公开状态,研判可利用性。结合官方补丁与修复方案,优化漏洞管理优先级,缩短响应周期,保障资产安全。
分配机构(CNA / 来源):[email protected] 移除此筛选
| CVE | 描述 | 最高 CVSS | EPSS % | 公开时间 | 更新时间 |
|---|---|---|---|---|---|
| CVE-2016-7456 | VMware vSphere Data Protection (VDP) 5.5.x though 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session. | 9.8 | 82.12% | 2016-12-29 | 2026-05-06 |
| CVE-2016-7457 | VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to gain privileges, or halt and remove virtual machines, via unspecified vectors. | 10.0 | 1.51% | 2016-12-29 | 2026-05-06 |
| CVE-2016-7458 | VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote vCenter Server and ESXi instances to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 5.8 | 0.45% | 2016-12-29 | 2026-05-06 |
| CVE-2016-7459 | VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote authenticated users to read arbitrary files via a (1) Log Browser, (2) Distributed Switch setup, or (3) Content Library XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 7.7 | 0.55% | 2016-12-29 | 2026-05-06 |
| CVE-2016-7460 | The Single Sign-On feature in VMware vCenter Server 5.5 before U3e and 6.0 before U2a and vRealize Automation 6.x before 6.2.5 allows remote attackers to read arbitrary files or cause a denial of service via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue. | 9.1 | 2.01% | 2016-12-29 | 2026-05-06 |
| CVE-2016-7461 | The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors. | 8.8 | 0.16% | 2016-12-29 | 2026-05-06 |
| CVE-2016-7462 | The Suite REST API in VMware vRealize Operations (aka vROps) 6.x before 6.4.0 allows remote authenticated users to write arbitrary content to files or rename files via a crafted DiskFileItem in a relay-request payload that is mishandled during deserialization. | 8.5 | 1.67% | 2016-12-29 | 2026-05-06 |
| CVE-2016-7463 | Cross-site scripting (XSS) vulnerability in the Host Client in VMware vSphere Hypervisor (aka ESXi) 5.5 and 6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted VM. | 5.4 | 0.14% | 2016-12-29 | 2026-05-06 |
| CVE-2017-4895 | Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data. | 8.8 | 0.05% | 2017-05-10 | 2026-05-13 |
| CVE-2017-4896 | Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application. Successful exploitation of this issue may result in an unauthorized disclosure of confidential data. | 3.8 | 0.05% | 2017-05-10 | 2026-05-13 |
| CVE-2012-3104 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-07 |
| CVE-2012-6327 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-07 |
| CVE-2012-6328 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2012. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-07 |
| CVE-2013-1660 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-07 |
| CVE-2013-3318 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-07 |
| CVE-2013-3521 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-07 |
| CVE-2013-5974 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2013. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-07 |
| CVE-2014-3794 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-07 |
| CVE-2014-3795 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-07 |
| CVE-2014-8374 | Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: none. Reason: The CNA or individual who requested this candidate did not associate it with any vulnerability during 2014. Notes: none | 无 | 0.27% | 2017-05-11 | 2023-11-07 |