Vulnerabilities > Vmware > Critical

DATE CVE VULNERABILITY TITLE RISK
2023-05-15 CVE-2023-31131 Path Traversal vulnerability in VMWare Greenplum Database
Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL.
network
low complexity
vmware CWE-22
critical
 9.1
9.1
2023-04-20 CVE-2023-20864 Deserialization of Untrusted Data vulnerability in VMWare Aria Operations for Logs and Cloud Foundation
VMware Aria Operations for Logs contains a deserialization vulnerability.
network
low complexity
vmware CWE-502
critical
 9.8
9.8
2023-04-20 CVE-2023-20873 Unspecified vulnerability in VMWare Spring Boot
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass.
network
low complexity
vmware
critical
 9.8
9.8
2023-01-26 CVE-2022-31704 Unspecified vulnerability in VMWare Vrealize LOG Insight
The vRealize Log Insight contains a broken access control vulnerability.
network
low complexity
vmware
critical
 9.8
9.8
2023-01-26 CVE-2022-31706 Path Traversal vulnerability in VMWare Vrealize LOG Insight
The vRealize Log Insight contains a Directory Traversal Vulnerability.
network
low complexity
vmware CWE-22
critical
 9.8
9.8
2022-12-14 CVE-2022-31702 Command Injection vulnerability in VMWare Vrealize Network Insight
vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API.
network
low complexity
vmware CWE-77
critical
 9.8
9.8
2022-11-12 CVE-2022-38650 Deserialization of Untrusted Data vulnerability in VMWare Hyperic Server 5.8.6
A remote unauthenticated insecure deserialization vulnerability exists in VMware Hyperic Server 5.8.6.
network
low complexity
vmware CWE-502
critical
 10.0
10
2022-11-12 CVE-2022-38651 Unspecified vulnerability in VMWare Hyperic Server 5.8.6
A security filter misconfiguration exists in VMware Hyperic Server 5.8.6.
network
low complexity
vmware
critical
 9.8
9.8
2022-11-12 CVE-2022-38652 Deserialization of Untrusted Data vulnerability in VMWare Hyperic Agent 5.8.6
A remote insecure deserialization vulnerability exixsts in VMWare Hyperic Agent 5.8.6.
network
low complexity
vmware CWE-502
critical
 9.9
9.9
2022-11-09 CVE-2022-31685 Unspecified vulnerability in VMWare Workspace ONE Assist
VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability.
network
low complexity
vmware
critical
 9.8
9.8