DATE CVE VULNERABILITY TITLE RISK
2018-06-11 CVE-2018-6961 OS Command Injection vulnerability in VMware NSX SD-WAN by VeloCloud
VMware NSX SD-WAN Edge by VeloCloud prior to version 3.1.0 contains a command injection vulnerability in the local web UI component.
network
high complexity
vmware CWE-78
8.1
2018-05-29 CVE-2018-6964 Unspecified vulnerability in VMware Horizon Client
VMware Horizon Client for Linux (4.x before 4.8.0 and prior) contains a local privilege escalation vulnerability due to insecure usage of SUID binary.
local
low complexity
vmware
7.8
2018-05-22 CVE-2018-6963 NULL Pointer Dereference vulnerability in VMware Fusion and Workstation
VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler.
local
low complexity
vmware CWE-476
5.5
2018-05-22 CVE-2018-6962 Unspecified vulnerability in VMware Fusion
VMware Fusion (10.x before 10.1.2) contains a signature bypass vulnerability which may lead to a local privilege escalation.
local
low complexity
vmware
7.8
2018-05-15 CVE-2018-1263 Path Traversal vulnerability in VMware Spring Integration ZIP 1.0.0/1.0.1
Addresses partial fix in CVE-2018-1261.
local
high complexity
vmware CWE-22
4.7
2018-05-11 CVE-2018-1261 Path Traversal vulnerability in VMware Spring Integration ZIP 1.0.0
Spring-integration-zip versions prior to 1.0.1 expose an arbitrary file write vulnerability, which can be achieved using a specially crafted zip archive (affects other archives as well: bzip2, tar, xz, war, cpio, 7z) that holds path traversal filenames.
local
high complexity
vmware CWE-22
4.7
2018-05-11 CVE-2018-1258 Incorrect Authorization vulnerability in multiple products
Spring Framework version 5.0.5 when used in combination with any versions of Spring Security contains an authorization bypass when using method security.
8.8
2018-05-11 CVE-2018-1257 Spring Framework, versions 5.0.x prior to 5.0.6, versions 4.3.x prior to 4.3.17, and older unsupported versions allows applications to expose STOMP over WebSocket endpoints with a simple, in-memory STOMP broker through the spring-messaging module.
network
low complexity
vmware redhat oracle
6.5
2018-05-07 CVE-2018-1256 Unspecified vulnerability in VMware Spring Cloud SSO Connector 2.1.2
Spring Cloud SSO Connector, version 2.1.2, contains a regression which disables issuer validation in resource servers that are not bound to the SSO service.
network
high complexity
vmware
8.1
2018-05-02 CVE-2017-4952 Incorrect Permission Assignment for Critical Resource vulnerability in VMware Xenon
VMware Xenon 1.x, prior to 1.5.4-CR7_1, 1.5.7_7, 1.5.4-CR6_2, 1.3.7-CR1_2, 1.1.0-CR0-3, 1.1.0-CR3_1, 1.4.2-CR4_1, and 1.5.4_8, contains an authentication bypass vulnerability due to insufficient access controls for utility endpoints.
network
low complexity
vmware CWE-732
7.5