Vulnerabilities > Vmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-25 | CVE-2014-0225 | XXE vulnerability in multiple products When processing user provided XML documents, the Spring Framework 4.0.0 to 4.0.4, 3.0.0 to 3.2.8, and possibly earlier unsupported versions did not disable by default the resolution of URI references in a DTD declaration. | 8.8 |
| 2017-05-25 | CVE-2014-0097 | Improper Authentication vulnerability in VMWare Spring Security The ActiveDirectoryLdapAuthenticator in Spring Security 3.2.0 to 3.2.1 and 3.1.0 to 3.1.5 does not check the password length. | 7.3 |
| 2017-05-22 | CVE-2017-4916 | NULL Pointer Dereference vulnerability in VMWare Workstation Player and Workstation PRO VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. | 6.5 |
| 2017-05-22 | CVE-2017-4915 | Incorrect Authorization vulnerability in VMWare Workstation Player and Workstation PRO VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. | 7.8 |
| 2017-05-10 | CVE-2017-4896 | Unspecified vulnerability in VMWare Airwatch Agent and Airwatch Inbox Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application. | 3.8 |
| 2017-05-10 | CVE-2017-4895 | Unspecified vulnerability in VMWare Airwatch Agent and Airwatch Inbox Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. | 8.8 |
| 2017-04-21 | CVE-2016-2173 | Improper Input Validation vulnerability in multiple products org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code. | 9.8 |
| 2017-01-06 | CVE-2016-9879 | Channel and Path Errors vulnerability in multiple products An issue was discovered in Pivotal Spring Security before 3.2.10, 4.1.x before 4.1.4, and 4.2.x before 4.2.1. | 7.5 |
| 2016-12-29 | CVE-2016-9878 | Path Traversal vulnerability in multiple products An issue was discovered in Pivotal Spring Framework before 3.2.18, 4.2.x before 4.2.9, and 4.3.x before 4.3.5. | 7.5 |
| 2016-12-29 | CVE-2016-9877 | Improper Access Control vulnerability in multiple products An issue was discovered in Pivotal RabbitMQ 3.x before 3.5.8 and 3.6.x before 3.6.6 and RabbitMQ for PCF 1.5.x before 1.5.20, 1.6.x before 1.6.12, and 1.7.x before 1.7.7. | 9.8 |