Vulnerabilities > Vmware > High

DATE CVE VULNERABILITY TITLE RISK
2022-12-13 CVE-2022-31696 Out-of-bounds Write vulnerability in VMWare Esxi 6.5/6.7
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket.
local
low complexity
vmware CWE-787
8.8
2022-11-23 CVE-2009-1143 Link Following vulnerability in VMWare Open-Vm-Tools 2009.03.18154848
An issue was discovered in open-vm-tools 2009.03.18-154848.
local
high complexity
vmware CWE-59
7.0
2022-10-31 CVE-2022-31690 Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions.
network
high complexity
vmware netapp
8.1
2022-10-06 CVE-2022-31008 Incorrect Usage of Seeds in Pseudo-Random Number Generator (PRNG) vulnerability in multiple products
RabbitMQ is a multi-protocol messaging and streaming broker.
network
low complexity
vmware broadcom CWE-335
7.5
2022-08-23 CVE-2022-31676 Improper Privilege Management vulnerability in multiple products
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability.
local
low complexity
vmware debian fedoraproject netapp CWE-269
7.8
2022-08-10 CVE-2022-31672 Unspecified vulnerability in VMWare Vrealize Operations
VMware vRealize Operations contains a privilege escalation vulnerability.
network
low complexity
vmware
7.2
2022-08-10 CVE-2022-31673 Unspecified vulnerability in VMWare Vrealize Operations
VMware vRealize Operations contains an information disclosure vulnerability.
network
low complexity
vmware
8.8
2022-08-10 CVE-2022-31675 Unspecified vulnerability in VMWare Vrealize Operations
VMware vRealize Operations contains an authentication bypass vulnerability.
network
low complexity
vmware
7.5
2022-08-05 CVE-2022-31658 Injection vulnerability in VMWare products
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability.
network
low complexity
vmware CWE-74
7.2
2022-08-05 CVE-2022-31659 SQL Injection vulnerability in VMWare products
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability.
network
low complexity
vmware CWE-89
7.2