- How many CVEs does vmware have?
- vmware has 1,095 published CVE records since 2000, including 164 in the last two years.
- How many vmware CVEs are in CISA KEV?
- Yes — 40 of vmware's CVEs are listed in CISA's Known Exploited Vulnerabilities catalog, confirmed exploited in the wild and carrying a CISA remediation deadline.
- Which vmware products have the most CVEs?
- The vmware products with the most published CVEs are Workstation, Cloud Foundation, ESXi, Fusion, player.
- What are the most common weakness types in vmware CVEs?
- vmware's CVEs most often map to these CWE weakness types: CWE-79 (Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')), CWE-22 (Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')), CWE-787 (Out-of-bounds Write), CWE-269 (Improper Privilege Management).
- Are there public exploits for vmware vulnerabilities?
- Yes — 148 of vmware's CVEs have a known public exploit.
- How many critical vmware vulnerabilities are there?
- vmware has 170 critical and 458 high-severity CVEs.
- What is the average severity of vmware CVEs?
- The average CVSS base score across vmware's scored CVEs is 7.1.