Vulnerabilities > Vmware > Low

DATE CVE VULNERABILITY TITLE RISK
2023-06-13 CVE-2023-20867 Improper Authentication vulnerability in multiple products
A fully compromised ESXi host can force VMware Tools to fail to authenticate host-to-guest operations, impacting the confidentiality and integrity of the guest virtual machine.
local
high complexity
vmware debian fedoraproject CWE-287
3.9
3.9
2022-12-13 CVE-2022-31699 Out-of-bounds Write vulnerability in VMWare Esxi 6.5/6.7
VMware ESXi contains a heap-overflow vulnerability.
local
low complexity
vmware CWE-787
3.3
3.3
2022-07-12 CVE-2022-31655 Cross-site Scripting vulnerability in VMWare Vrealize LOG Insight
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts.
network
vmware CWE-79
3.5
3.5
2022-07-12 CVE-2022-31654 Cross-site Scripting vulnerability in VMWare Vrealize LOG Insight
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations.
network
vmware CWE-79
3.5
3.5
2022-05-24 CVE-2022-22977 XXE vulnerability in VMWare Tools
VMware Tools for Windows(12.0.0, 11.x.y and 10.x.y) contains an XML External Entity (XXE) vulnerability.
local
low complexity
vmware CWE-611
3.6
3.6
2022-03-02 CVE-2022-22944 Cross-site Scripting vulnerability in VMWare Workspace ONE Boxer
VMware Workspace ONE Boxer contains a stored cross-site scripting (XSS) vulnerability.
network
vmware CWE-79
3.5
3.5
2022-01-28 CVE-2022-22938 Unspecified vulnerability in VMWare Horizon and Workstation
VMware Workstation (16.x prior to 16.2.2) and Horizon Client for Windows (5.x prior to 5.5.3) contains a denial-of-service vulnerability in the Cortado ThinPrint component.
local
low complexity
vmware
2.1
2.1
2021-09-23 CVE-2021-22020 Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server
The vCenter Server contains a denial-of-service vulnerability in the Analytics service.
local
low complexity
vmware
2.1
2.1
2021-09-23 CVE-2021-22007 Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server
The vCenter Server contains a local information disclosure vulnerability in the Analytics service.
local
low complexity
vmware
2.1
2.1
2021-09-15 CVE-2020-3960 Out-of-bounds Read vulnerability in VMWare Fusion, Vsphere Esxi and Workstation
VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality.
local
low complexity
vmware CWE-125
3.6
3.6