Vulnerabilities > Vmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-02-22 | CVE-2023-20855 | XXE vulnerability in VMWare Vrealize Automation and Vrealize Orchestrator VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. | 8.8 |
| 2023-02-22 | CVE-2023-20858 | Injection vulnerability in VMWare Carbon Black APP Control VMware Carbon Black App Control 8.7.x prior to 8.7.8, 8.8.x prior to 8.8.6, and 8.9.x.prior to 8.9.4 contain an injection vulnerability. | 7.2 |
| 2023-02-16 | CVE-2022-36416 | Unspecified vulnerability in VMWare Ixgben 1.10.0.1 Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.13 may allow an authenticated user to potentially enable escalation of privilege via local access. | 7.8 |
| 2023-02-03 | CVE-2023-20854 | Improper Privilege Management vulnerability in VMWare Workstation 17.0 VMware Workstation contains an arbitrary file deletion vulnerability. | 8.4 |
| 2023-02-01 | CVE-2023-20856 | Cross-Site Request Forgery (CSRF) vulnerability in VMWare Vrealize Operations VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. | 8.8 |
| 2023-01-26 | CVE-2022-31710 | Deserialization of Untrusted Data vulnerability in VMWare Vrealize LOG Insight vRealize Log Insight contains a deserialization vulnerability. | 7.5 |
| 2023-01-14 | CVE-2023-22602 | When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques. | 7.5 |
| 2022-12-16 | CVE-2022-31707 | Unspecified vulnerability in VMWare Vrealize Operations vRealize Operations (vROps) contains a privilege escalation vulnerability. | 7.2 |
| 2022-12-14 | CVE-2022-31700 | Unspecified vulnerability in VMWare Access, Cloud Foundation and Identity Manager VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. | 7.2 |
| 2022-12-14 | CVE-2022-31703 | Path Traversal vulnerability in VMWare Vrealize LOG Insight The vRealize Log Insight contains a Directory Traversal Vulnerability. | 7.5 |