vmware

950 tracked vulnerabilities.

CVE-2022-31704 CRITICAL NUCLEI
VMware vRealize Log Insight 3.0-4.8 - Unauthenticated Remote Code Execution via Broken Access Control
Jan 26, 2023
CVSS 9.8
EPSS 0.90
CVE-2022-31708 MEDIUM
vRealize Operations 8.6.0-8.6.4.20823815 - Improper Access Control
Dec 16, 2022
CVSS 4.9
EPSS 0.00
CVE-2022-31707 HIGH
vRealize Operations 8.6.0-8.6.4.20823815 - Privilege Escalation
Dec 16, 2022
CVSS 7.2
EPSS 0.01
CVE-2022-31705 HIGH
VMware Workstation 16.0.0-16.2.4 - Heap Out-of-bounds Write in USB 2.0 Controller
Dec 14, 2022
CVSS 8.2
EPSS 0.04
CVE-2022-31703 HIGH
vRealize Log Insight < 8.10.1 - Unauthenticated Path Traversal and Remote Code Execution
Dec 14, 2022
CVSS 7.5
EPSS 0.02
CVE-2022-31702 CRITICAL
vRealize Network Insight - Unauthenticated Remote Code Execution via REST API
Dec 14, 2022
CVSS 9.8
EPSS 0.02
CVE-2022-31701 MEDIUM
VMware Workspace ONE Access and Identity Manager - Broken Authentication
Dec 14, 2022
CVSS 5.3
EPSS 0.00
CVE-2022-31700 HIGH
VMware Workspace ONE Access and Identity Manager - Authenticated Remote Code Execution
Dec 14, 2022
CVSS 7.2
EPSS 0.01
CVE-2022-31699 LOW
VMware Cloud Foundation - Heap Overflow in Sandbox Process
Dec 13, 2022
CVSS 3.3
EPSS 0.00
CVE-2022-31698 MEDIUM
VMware Cloud Foundation - Denial of Service via Crafted Header
Dec 13, 2022
CVSS 5.3
EPSS 0.02
CVE-2022-31697 MEDIUM
VMware vCenter Server - Cleartext Storage of Sensitive Information in Operation Logs
Dec 13, 2022
CVSS 5.5
EPSS 0.00
CVE-2022-31696 HIGH
VMware ESXi - Memory Corruption via Network Socket Handling
Dec 13, 2022
CVSS 8.8
EPSS 0.01
CVE-2022-38652 CRITICAL
VMWare Hyperic Agent 5.8.6 - Deserialization
Nov 12, 2022
CVSS 9.9
EPSS 0.00
CVE-2022-38651 CRITICAL
VMware Hyperic Server <5.8.6 - Auth Bypass
Nov 12, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-38650 CRITICAL
VMware Hyperic Server <5.8.6 - Open Redirect
Nov 12, 2022
CVSS 10.0
EPSS 0.01
CVE-2022-31689 CRITICAL
VMware Workspace ONE Assist <22.10 - Privilege Escalation
Nov 09, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-31688 MEDIUM
VMware Workspace ONE Assist < 22.10 - Reflected Cross-Site Scripting
Nov 09, 2022
CVSS 6.1
EPSS 0.00
CVE-2022-31687 CRITICAL
VMware Workspace ONE Assist < 22.10 - Unauthenticated Broken Access Control
Nov 09, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-31686 CRITICAL
VMware Workspace ONE Assist < 22.10 - Unauthenticated Broken Authentication Method
Nov 09, 2022
CVSS 9.8
EPSS 0.01
CVE-2022-31685 CRITICAL
VMware Workspace ONE Assist < 22.10 - Authentication Bypass
Nov 09, 2022
CVSS 9.8
EPSS 0.00
CVE-2022-31691 CRITICAL
Vmware Bosh Editor < 1.40.0 - Code Injection
Nov 04, 2022
CVSS 9.8
EPSS 0.11
CVE-2022-31692 CRITICAL
Spring Security 5.6.0-5.6.8 and 5.7.0-5.7.4 - Authorization Bypass via Forward or Include Dispatcher Types
Oct 31, 2022
CVSS 9.8
EPSS 0.07
CVE-2022-31690 HIGH
Spring Security 5.6.0-5.6.8 and 5.7.0-5.7.4 - Privilege Escalation via OAuth2 Access Token Response
Oct 31, 2022
CVSS 8.1
EPSS 0.00
CVE-2022-31678 CRITICAL NUCLEI
VMware Cloud Foundation < 3.11 and NSX Data Center < 6.4.14 - XML External Entity Injection
Oct 28, 2022
CVSS 9.1
EPSS 0.84
CVE-2022-31682 MEDIUM
VMware Aria Operations - Info Disclosure
Oct 11, 2022
CVSS 4.9
EPSS 0.00
Products
workstation 213 esxi 139 cloud_foundation 132 fusion 131 player 89 esx 86 vcenter_server 79 server 58 spring_framework 48 ace 44 identity_manager 28 workstation_pro 27 workstation_player 26 horizon_client 25 spring_security 24 Workstation 23 tools 22 vrealize_suite_lifecycle_manager 21 vrealize_automation 20 spring_boot 18 vrealize_operations 18 ESXi 16 vmware_workstation 15 vrealize_log_insight 15 workspace_one_access 15 horizon_view 14 spring_ai 14 vcenter_server_appliance 14 Fusion 13 aria_operations 13
Quick Filters
Critical CVEs With Exploits In CISA KEV