Vulnerabilities > Vmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-11-29 | CVE-2021-31693 | Unspecified vulnerability in VMWare Tools The 10Web Photo Gallery plugin through 1.5.68 for WordPress allows XSS via album_gallery_id_0, bwg_album_search_0, and type_0 for bwg_frontend_data. | 6.5 |
| 2022-11-23 | CVE-2009-1142 | Link Following vulnerability in VMWare Open VM Tools 2009.03.18154848 An issue was discovered in open-vm-tools 2009.03.18-154848. | 6.7 |
| 2022-11-09 | CVE-2022-31688 | Cross-site Scripting vulnerability in VMWare Workspace ONE Assist VMware Workspace ONE Assist prior to 22.10 contains a Reflected cross-site scripting (XSS) vulnerability. | 6.1 |
| 2022-10-11 | CVE-2022-31682 | Unspecified vulnerability in VMWare Vrealize Operations VMware Aria Operations contains an arbitrary file read vulnerability. | 4.9 |
| 2022-10-07 | CVE-2022-31681 | NULL Pointer Dereference vulnerability in VMWare Esxi VMware ESXi contains a null-pointer deference vulnerability. | 6.5 |
| 2022-08-29 | CVE-2022-31677 | Insufficient Session Expiration vulnerability in VMWare Pinniped An Insufficient Session Expiration issue was discovered in the Pinniped Supervisor (before v0.19.0). | 5.4 |
| 2022-08-18 | CVE-2022-21793 | Unspecified vulnerability in VMWare I40En and Ixgben Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare before version 2.1.5.0 may allow an authenticated user to potentially enable a denial of service via local access. | 5.5 |
| 2022-08-10 | CVE-2022-22983 | Insufficiently Protected Credentials vulnerability in VMWare Workstation VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability. | 5.9 |
| 2022-08-10 | CVE-2022-31674 | Information Exposure Through Log Files vulnerability in VMWare Vrealize Operations VMware vRealize Operations contains an information disclosure vulnerability. | 4.3 |
| 2022-08-05 | CVE-2022-31663 | Cross-site Scripting vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. | 6.1 |