Vulnerabilities > Vmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-04-13 | CVE-2023-20866 | Unspecified vulnerability in VMWare Spring Session 3.0.0 In Spring Session version 3.0.0, the session id can be logged to the standard output stream. | 6.5 |
| 2023-03-23 | CVE-2023-20861 | Unspecified vulnerability in VMWare Spring Framework In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. | 6.5 |
| 2023-02-28 | CVE-2023-20857 | Missing Authentication for Critical Function vulnerability in VMWare Workspace ONE Content 3.20/3.20.1/3.21 VMware Workspace ONE Content contains a passcode bypass vulnerability. | 6.8 |
| 2023-02-16 | CVE-2022-36797 | Unspecified vulnerability in VMWare Ixgben Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.1 may allow an authenticated user to potentially enable denial of service via local access. | 5.5 |
| 2023-01-26 | CVE-2022-31711 | Unspecified vulnerability in VMWare Vrealize LOG Insight VMware vRealize Log Insight contains an Information Disclosure Vulnerability. | 5.3 |
| 2022-12-16 | CVE-2022-31708 | Unspecified vulnerability in VMWare Vrealize Operations vRealize Operations (vROps) contains a broken access control vulnerability. | 4.9 |
| 2022-12-14 | CVE-2022-31701 | Missing Authentication for Critical Function vulnerability in VMWare products VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. | 5.3 |
| 2022-12-13 | CVE-2022-31697 | Cleartext Storage of Sensitive Information vulnerability in VMWare Vcenter Server 6.5/6.7/7.0 The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. | 5.5 |
| 2022-12-13 | CVE-2022-31698 | Unspecified vulnerability in VMWare Cloud Foundation and Vcenter Server The vCenter Server contains a denial-of-service vulnerability in the content library service. | 5.3 |
| 2022-11-29 | CVE-2021-31693 | Unspecified vulnerability in VMWare Tools The 10Web Photo Gallery plugin through 1.5.68 for WordPress allows XSS via album_gallery_id_0, bwg_album_search_0, and type_0 for bwg_frontend_data. | 6.5 |