Vulnerabilities > Vmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-05 | CVE-2022-31661 | Unspecified vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two privilege escalation vulnerabilities. | 7.8 |
| 2022-08-05 | CVE-2022-31662 | Path Traversal vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager, Connectors and vRealize Automation contain a path traversal vulnerability. | 7.5 |
| 2022-08-05 | CVE-2022-31664 | Unspecified vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability. | 7.8 |
| 2022-08-05 | CVE-2022-31665 | Injection vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. | 7.2 |
| 2022-07-13 | CVE-2022-22982 | Server-Side Request Forgery (SSRF) vulnerability in VMWare Vcenter Server 6.5/6.7/7.0 The vCenter Server contains a server-side request forgery (SSRF) vulnerability. | 7.5 |
| 2022-06-21 | CVE-2022-22979 | Allocation of Resources Without Limits or Throttling vulnerability in VMWare Spring Cloud Function In Spring Cloud Function versions prior to 3.2.6, it is possible for a user who directly interacts with framework provided lookup functionality to cause a denial-of-service condition due to the caching issue in the Function Catalog component of the framework. | 7.5 |
| 2022-05-24 | CVE-2022-22977 | XXE vulnerability in VMWare Tools VMware Tools for Windows(12.0.0, 11.x.y and 10.x.y) contains an XML External Entity (XXE) vulnerability. | 7.1 |
| 2022-05-20 | CVE-2022-22973 | Unspecified vulnerability in VMWare products VMware Workspace ONE Access and Identity Manager contain a privilege escalation vulnerability. | 7.8 |
| 2022-04-14 | CVE-2022-22966 | Unspecified vulnerability in VMWare Vcloud Director 10.1.0 An authenticated, high privileged malicious actor with network access to the VMware Cloud Director tenant or provider may be able to exploit a remote code execution vulnerability to gain access to the server. | 7.2 |
| 2022-04-13 | CVE-2022-22957 | Deserialization of Untrusted Data vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). | 7.2 |