Vulnerabilities > Vmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-08-18 | CVE-2022-21793 | Unspecified vulnerability in VMWare I40En and Ixgben Insufficient control flow management in the Intel(R) Ethernet 500 Series Controller drivers for VMWare before version 1.11.4.0 and in the Intel(R) Ethernet 700 Series Controller drivers for VMWare before version 2.1.5.0 may allow an authenticated user to potentially enable a denial of service via local access. | 5.5 |
| 2022-08-10 | CVE-2022-22983 | Insufficiently Protected Credentials vulnerability in VMWare Workstation VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability. | 5.9 |
| 2022-08-10 | CVE-2022-31674 | Information Exposure Through Log Files vulnerability in VMWare Vrealize Operations VMware vRealize Operations contains an information disclosure vulnerability. | 4.3 |
| 2022-08-05 | CVE-2022-31663 | Cross-site Scripting vulnerability in VMWare products VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a reflected cross-site scripting (XSS) vulnerability. | 6.1 |
| 2022-07-14 | CVE-2022-23825 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Aliases in the branch predictor may cause some AMD processors to predict the wrong branch type potentially leading to information disclosure. | 6.5 |
| 2022-07-12 | CVE-2022-31654 | Cross-site Scripting vulnerability in VMWare Vrealize LOG Insight VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations. | 5.4 |
| 2022-07-12 | CVE-2022-31655 | Cross-site Scripting vulnerability in VMWare Vrealize LOG Insight VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts. | 5.4 |
| 2022-07-12 | CVE-2022-29901 | Exposure of Resource to Wrong Sphere vulnerability in multiple products Intel microprocessor generations 6 to 8 are affected by a new Spectre variant that is able to bypass their retpoline mitigation in the kernel to leak arbitrary data. | 6.5 |
| 2022-06-16 | CVE-2022-22953 | Unspecified vulnerability in VMWare HCX 4.3.1/4.3.2 VMware HCX update addresses an information disclosure vulnerability. | 6.5 |
| 2022-06-15 | CVE-2022-21166 | Incomplete Cleanup vulnerability in multiple products Incomplete cleanup in specific special register write operations for some Intel(R) Processors may allow an authenticated user to potentially enable information disclosure via local access. | 5.5 |