Vulnerabilities > Vmware
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-01-14 | CVE-2023-22602 | Interpretation Conflict vulnerability in multiple products When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. | 7.5 |
2022-12-16 | CVE-2022-31707 | Unspecified vulnerability in VMWare Vrealize Operations 8.10.0 vRealize Operations (vROps) contains a privilege escalation vulnerability. | 7.2 |
2022-12-16 | CVE-2022-31708 | Exposure of Resource to Wrong Sphere vulnerability in VMWare Vrealize Operations 8.10.0 vRealize Operations (vROps) contains a broken access control vulnerability. | 4.9 |
2022-12-14 | CVE-2022-31700 | Unspecified vulnerability in VMWare Access, Cloud Foundation and Identity Manager VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. | 7.2 |
2022-12-14 | CVE-2022-31701 | Improper Authentication vulnerability in VMWare products VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. | 5.3 |
2022-12-14 | CVE-2022-31702 | Command Injection vulnerability in VMWare Vrealize Network Insight vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. | 9.8 |
2022-12-14 | CVE-2022-31703 | Path Traversal vulnerability in VMWare Vrealize Network Insight The vRealize Log Insight contains a Directory Traversal Vulnerability. | 7.5 |
2022-12-14 | CVE-2022-31705 | Out-of-bounds Write vulnerability in VMWare Esxi 7.0/8.0 VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). | 8.2 |
2022-12-13 | CVE-2022-31696 | Unspecified vulnerability in VMWare Esxi 6.5/6.7 VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. | 8.8 |
2022-12-13 | CVE-2022-31697 | Cleartext Storage of Sensitive Information vulnerability in VMWare Vcenter Server 6.5/6.7/7.0 The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. | 5.5 |