Vulnerabilities > Vmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-09-21 | CVE-2022-31679 | Unspecified vulnerability in VMWare Spring Data Rest Applications that allow HTTP PATCH access to resources exposed by Spring Data REST in versions 3.6.0 - 3.5.5, 3.7.0 - 3.7.2, and older unsupported versions, if an attacker knows about the structure of the underlying domain model, they can craft HTTP requests that expose hidden entity attributes. | 3.7 |
| 2022-08-29 | CVE-2022-31677 | Insufficient Session Expiration vulnerability in VMWare Pinniped An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor (before v0.19.0). | 5.4 |
| 2022-08-23 | CVE-2022-31676 | Improper Privilege Management vulnerability in multiple products VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. | 7.8 |
| 2022-08-18 | CVE-2022-21793 | Unspecified vulnerability in VMWare I40En and Ixgben Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare before version 2.1.5.0 may allow an authenticated user to potentially enable a denial of service via local access. | 5.5 |
| 2022-08-10 | CVE-2022-22983 | Insufficiently Protected Credentials vulnerability in VMWare Workstation VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability. | 5.9 |
| 2022-08-10 | CVE-2022-31672 | Unspecified vulnerability in VMWare Vrealize Operations VMware vRealize Operations contains a privilege escalation vulnerability. | 7.2 |
| 2022-08-10 | CVE-2022-31673 | Unspecified vulnerability in VMWare Vrealize Operations VMware vRealize Operations contains an information disclosure vulnerability. | 8.8 |
| 2022-08-10 | CVE-2022-31674 | Information Exposure Through Log Files vulnerability in VMWare Vrealize Operations VMware vRealize Operations contains an information disclosure vulnerability. | 4.3 |
| 2022-08-10 | CVE-2022-31675 | Unspecified vulnerability in VMWare Vrealize Operations VMware vRealize Operations contains an authentication bypass vulnerability. | 7.5 |
| 2022-08-05 | CVE-2022-31656 | Unspecified vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. | 9.8 |