Vulnerabilities > Vmware > Critical
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2022-11-09 | CVE-2022-31686 | Unspecified vulnerability in VMWare Workspace ONE Assist VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. | 9.8 |
2022-11-09 | CVE-2022-31687 | Unspecified vulnerability in VMWare Workspace ONE Assist VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. | 9.8 |
2022-11-09 | CVE-2022-31689 | Session Fixation vulnerability in VMWare Workspace ONE Assist VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. | 9.8 |
2022-11-04 | CVE-2022-31691 | Unspecified vulnerability in VMWare products Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. | 9.8 |
2022-10-31 | CVE-2022-31692 | Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. | 9.8 |
2022-10-28 | CVE-2022-31678 | XXE vulnerability in VMWare Cloud Foundation and NSX Data Center VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. | 9.1 |
2022-10-07 | CVE-2022-31680 | Deserialization of Untrusted Data vulnerability in VMWare Vcenter Server The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). | 9.1 |
2022-08-05 | CVE-2022-31656 | Unspecified vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. | 9.8 |
2022-08-05 | CVE-2022-31657 | Open Redirect vulnerability in VMWare products VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. | 9.8 |
2022-05-20 | CVE-2022-22972 | Unspecified vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. | 9.8 |