Vulnerabilities > Vmware

DATE CVE VULNERABILITY TITLE RISK
2022-08-05 CVE-2022-31660 Unspecified vulnerability in VMWare products
VMware Workspace ONE Access, Identity Manager and vRealize Automation contains a privilege escalation vulnerability.
local
low complexity
vmware
7.8
7.8
2022-08-05 CVE-2022-31661 Unspecified vulnerability in VMWare products
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities.
local
low complexity
vmware
7.8
7.8
2022-08-05 CVE-2022-31662 Path Traversal vulnerability in VMWare products
VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability.
network
low complexity
vmware CWE-22
7.5
7.5
2022-08-05 CVE-2022-31663 Cross-site Scripting vulnerability in VMWare products
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability.
network
low complexity
vmware CWE-79
6.1
6.1
2022-08-05 CVE-2022-31664 Unspecified vulnerability in VMWare products
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability.
local
low complexity
vmware
7.8
7.8
2022-08-05 CVE-2022-31665 Injection vulnerability in VMWare products
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability.
network
low complexity
vmware CWE-74
7.2
7.2
2022-07-14 CVE-2022-23825 Exposure of Resource to Wrong Sphere vulnerability in multiple products
Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure.
local
low complexity
debian fedoraproject amd vmware CWE-668
6.5
6.5
2022-07-13 CVE-2022-22982 Server-Side Request Forgery (SSRF) vulnerability in VMWare Vcenter Server 6.5/6.7/7.0
The vCenter Server contains a server-side request forgery (SSRF) vulnerability.
network
low complexity
vmware CWE-918
7.5
7.5
2022-07-12 CVE-2022-31654 Cross-site Scripting vulnerability in VMWare Vrealize LOG Insight
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations.
network
low complexity
vmware CWE-79
5.4
5.4
2022-07-12 CVE-2022-31655 Cross-site Scripting vulnerability in VMWare Vrealize LOG Insight
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts.
network
low complexity
vmware CWE-79
5.4
5.4