Vulnerabilities > Vmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-10-31 | CVE-2022-31690 | Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. | 8.1 |
| 2022-10-31 | CVE-2022-31692 | Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. | 9.8 |
| 2022-10-28 | CVE-2022-31678 | XXE vulnerability in VMWare Cloud Foundation and NSX Data Center VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. | 9.1 |
| 2022-10-11 | CVE-2022-31682 | Unspecified vulnerability in VMWare Vrealize Operations VMware Aria Operations contains an arbitrary file read vulnerability. | 4.9 |
| 2022-10-07 | CVE-2022-31680 | Deserialization of Untrusted Data vulnerability in VMWare Vcenter Server The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). | 9.1 |
| 2022-10-07 | CVE-2022-31681 | NULL Pointer Dereference vulnerability in VMWare Esxi VMware ESXi contains a null-pointer deference vulnerability. | 6.5 |
| 2022-10-06 | CVE-2022-31008 | Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in VMWare Rabbitmq RabbitMQ is a multi-protocol messaging and streaming broker. | 7.5 |
| 2022-09-21 | CVE-2022-31679 | Unspecified vulnerability in VMWare Spring Data Rest Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 - 3.5.5, 3.7.0 - 3.7.2, and older unsupported versions, if an attacker knows about the structure of the underlying domain model, they can craft HTTP requests that expose hidden entity attributes. | 3.7 |
| 2022-08-29 | CVE-2022-31677 | Insufficient Session Expiration vulnerability in VMWare Pinniped An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor (before v0.19.0). | 5.4 |
| 2022-08-23 | CVE-2022-31676 | Improper Privilege Management vulnerability in multiple products VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. | 7.8 |