Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-31690
Spring Security, versions 5.7 before 5.7.5, and 5.6 before 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client (via the browser) to the Authorizati...
Vmware Spring Security
Netapp Active Iq Unified Manager -
1 Github repository
NA
CVE-2022-31691
Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library al...
Vmware Cloudfoundry Manifest Yml Support
Vmware Bosh Editor
Vmware Concourse Ci Pipeline Editor
Vmware Spring Tools
Vmware Spring Boot Tools
1 Github repository
NA
CVE-2022-31692
Spring Security, versions 5.7 before 5.7.5 and 5.6 before 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true: The application expects that Spring Security ...
Vmware Spring Security
Netapp Active Iq Unified Manager -
5 Github repositories
NA
CVE-2022-31694
InstallBuilder Qt installers built with versions previous to 22.10 try to load DLLs from the installer binary parent directory when displaying popups. This may allow an malicious user to plant a malicious DLL in the installer parent directory to allow executing code with the priv...
Installbuilder Installbuilder
NA
CVE-2022-31702
vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication.
Vmware Vrealize Network Insight 6.5.1
Vmware Vrealize Network Insight 6.2.0
Vmware Vrealize Network Insight 6.3.0
Vmware Vrealize Network Insight 6.4.0
Vmware Vrealize Network Insight 6.6.0
Vmware Vrealize Network Insight 6.7.0
1 Article
NA
CVE-2022-31703
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.
Vmware Vrealize Log Insight
1 Article
NA
CVE-2022-31704
The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution.
Vmware Vrealize Log Insight
2 Github repositories
1 Article
NA
CVE-2022-31705
VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process run...
Vmware Esxi 7.0
Vmware Workstation
Vmware Esxi 8.0
Vmware Fusion
1 Github repository
1 Article
NA
CVE-2022-31706
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution.
Vmware Vrealize Log Insight
2 Github repositories
NA
CVE-2022-31710
vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data which could result in a denial of service.
Vmware Vrealize Log Insight
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-30078
CVE-2024-37896
code injection
CVE-2024-3080
CVE-2024-5172
cross-site request forgery
CVE-2024-6111
firmware
CVE-2024-38504
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »