Vulnerabilities > Vmware > High

DATE CVE VULNERABILITY TITLE RISK
2023-01-14 CVE-2023-22602 When using Apache Shiro before 1.11.0 together with Spring Boot 2.6+, a specially crafted HTTP request may cause an authentication bypass. The authentication bypass occurs when Shiro and Spring Boot are using different pattern-matching techniques.
network
low complexity
apache vmware
7.5
2022-12-16 CVE-2022-31707 Unspecified vulnerability in VMWare Vrealize Operations
vRealize Operations (vROps) contains a privilege escalation vulnerability.
network
low complexity
vmware
7.2
2022-12-14 CVE-2022-31700 Unspecified vulnerability in VMWare Access, Cloud Foundation and Identity Manager
VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability.
network
low complexity
vmware
7.2
2022-12-14 CVE-2022-31703 Path Traversal vulnerability in VMWare Vrealize LOG Insight
The vRealize Log Insight contains a Directory Traversal Vulnerability.
network
low complexity
vmware CWE-22
7.5
2022-12-14 CVE-2022-31705 Out-of-bounds Write vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI).
local
low complexity
vmware CWE-787
8.2
2022-12-13 CVE-2022-31696 Out-of-bounds Write vulnerability in VMWare Esxi 6.5/6.7
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket.
local
low complexity
vmware CWE-787
8.8
2022-11-23 CVE-2009-1143 Link Following vulnerability in VMWare Open-Vm-Tools 2009.03.18154848
An issue was discovered in open-vm-tools 2009.03.18-154848.
local
high complexity
vmware CWE-59
7.0
2022-10-31 CVE-2022-31690 Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions.
network
high complexity
vmware netapp
8.1
2022-10-06 CVE-2022-31008 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in VMWare Rabbitmq
RabbitMQ is a multi-protocol messaging and streaming broker.
network
low complexity
vmware CWE-335
7.5
2022-08-23 CVE-2022-31676 Improper Privilege Management vulnerability in multiple products
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability.
local
low complexity
vmware debian fedoraproject netapp CWE-269
7.8