| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2023-31131 |
22 |
|
Dir. Trav. |
2023-05-15 |
2023-05-25 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Greenplum Database (GPDB) is an open source data warehouse based on PostgreSQL. In versions prior to 6.22.3 Greenplum Database used an unsafe methods to extract tar files within GPPKGs. greenplum-db is vulnerable to path traversal leading to arbitrary file writes. An attacker can use this vulnerability to overwrite data or system files potentially leading to crash or malfunction of the system. Any files which are accessible to the running process are at risk. All users are requested to upgrade to Greenplum Database version 6.23.2 or higher. There are no known workarounds for this vulnerability. |
|
2 |
CVE-2023-29552 |
|
|
|
2023-04-25 |
2023-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor. |
|
3 |
CVE-2023-20880 |
|
|
|
2023-05-12 |
2023-05-24 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'. |
|
4 |
CVE-2023-20879 |
|
|
+Priv |
2023-05-12 |
2023-06-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Aria Operations contains a Local privilege escalation vulnerability. A malicious actor with administrative privileges in the Aria Operations application can gain root access to the underlying operating system. |
|
5 |
CVE-2023-20878 |
502 |
|
Exec Code |
2023-05-12 |
2023-06-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Aria Operations contains a deserialization vulnerability. A malicious actor with administrative privileges can execute arbitrary commands and disrupt the system. |
|
6 |
CVE-2023-20877 |
|
|
Exec Code |
2023-05-12 |
2023-06-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Aria Operations contains a privilege escalation vulnerability. An authenticated malicious user with ReadOnly privileges can perform code execution leading to privilege escalation. |
|
7 |
CVE-2023-20873 |
|
|
Bypass |
2023-04-20 |
2023-06-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In Spring Boot versions 3.0.0 - 3.0.5, 2.7.0 - 2.7.10, and older unsupported versions, an application that is deployed to Cloud Foundry could be susceptible to a security bypass. Users of affected versions should apply the following mitigation: 3.0.x users should upgrade to 3.0.6+. 2.7.x users should upgrade to 2.7.11+. Users of older, unsupported versions should upgrade to 3.0.6+ or 2.7.11+. |
|
8 |
CVE-2023-20872 |
787 |
|
|
2023-04-25 |
2023-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation. |
|
9 |
CVE-2023-20870 |
125 |
|
|
2023-04-25 |
2023-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. |
|
10 |
CVE-2023-20869 |
787 |
|
Overflow |
2023-04-25 |
2023-05-04 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. |
|
11 |
CVE-2023-20868 |
79 |
|
XSS |
2023-05-26 |
2023-06-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
NSX-T contains a reflected cross-site scripting vulnerability due to a lack of input validation. A remote attacker can inject HTML or JavaScript to redirect to malicious pages. |
|
12 |
CVE-2023-20866 |
|
|
|
2023-04-13 |
2023-04-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In Spring Session version 3.0.0, the session id can be logged to the standard output stream. This vulnerability exposes sensitive information to those who have access to the application logs and can be used for session hijacking. Specifically, an application is vulnerable if it is using HeaderHttpSessionIdResolver. |
|
13 |
CVE-2023-20865 |
77 |
|
Exec Code |
2023-04-20 |
2023-05-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root. |
|
14 |
CVE-2023-20864 |
502 |
|
Exec Code |
2023-04-20 |
2023-05-02 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary code as root. |
|
15 |
CVE-2023-20863 |
917 |
|
|
2023-04-13 |
2023-04-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In spring framework versions prior to 5.2.24 release+ ,5.3.27+ and 6.0.8+ , it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. |
|
16 |
CVE-2023-20862 |
459 |
|
|
2023-04-19 |
2023-05-26 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In Spring Security, versions 5.7.x prior to 5.7.8, versions 5.8.x prior to 5.8.3, and versions 6.0.x prior to 6.0.3, the logout support does not properly clean the security context if using serialized versions. Additionally, it is not possible to explicitly save an empty security context to the HttpSessionSecurityContextRepository. This vulnerability can keep users authenticated even after they performed logout. Users of affected versions should apply the following mitigation. 5.7.x users should upgrade to 5.7.8. 5.8.x users should upgrade to 5.8.3. 6.0.x users should upgrade to 6.0.3. |
|
17 |
CVE-2023-20861 |
|
|
|
2023-03-23 |
2023-04-20 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In Spring Framework versions 6.0.0 - 6.0.6, 5.3.0 - 5.3.25, 5.2.0.RELEASE - 5.2.22.RELEASE, and older unsupported versions, it is possible for a user to provide a specially crafted SpEL expression that may cause a denial-of-service (DoS) condition. |
|
18 |
CVE-2023-20860 |
|
|
Bypass |
2023-03-27 |
2023-05-05 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Spring Framework running version 6.0.0 - 6.0.6 or 5.3.0 - 5.3.25 using "**" as a pattern in Spring Security configuration with the mvcRequestMatcher creates a mismatch in pattern matching between Spring Security and Spring MVC, and the potential for a security bypass. |
|
19 |
CVE-2023-20859 |
532 |
|
|
2023-03-23 |
2023-03-28 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
In Spring Vault, versions 3.0.x prior to 3.0.2 and versions 2.3.x prior to 2.3.3 and older versions, an application is vulnerable to insertion of sensitive information into a log file when it attempts to revoke a Vault batch token. |
|
20 |
CVE-2023-20857 |
306 |
|
Bypass |
2023-02-28 |
2023-03-09 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Workspace ONE Content contains a passcode bypass vulnerability. A malicious actor, with access to a users rooted device, may be able to bypass the VMware Workspace ONE Content passcode. |
|
21 |
CVE-2023-20856 |
352 |
|
Bypass CSRF |
2023-02-01 |
2023-02-08 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware vRealize Operations (vROps) contains a CSRF bypass vulnerability. A malicious user could execute actions on the vROps platform on behalf of the authenticated victim user. |
|
22 |
CVE-2023-20855 |
611 |
|
Bypass |
2023-02-22 |
2023-03-03 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. A malicious actor, with non-administrative access to vRealize Orchestrator, may be able to use specially crafted input to bypass XML parsing restrictions leading to access to sensitive information or possible escalation of privileges. |
|
23 |
CVE-2022-38652 |
502 |
|
|
2022-11-12 |
2022-11-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
** UNSUPPORTED WHEN ASSIGNED ** A remote insecure deserialization vulnerability exixsts in VMWare Hyperic Agent 5.8.6. Exploitation of this vulnerability enables a malicious authenticated user to run arbitrary code or malware within a Hyperic Agent instance and its host operating system with the privileges of the Hyperic Agent process (often SYSTEM on Windows platforms). NOTE: prior exploitation of CVE-2022-38650 results in the disclosure of the authentication material required to exploit this vulnerability. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
|
24 |
CVE-2022-38651 |
|
|
Bypass |
2022-11-12 |
2022-11-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
** UNSUPPORTED WHEN ASSIGNED ** A security filter misconfiguration exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to bypass some authentication requirements when issuing requests to Hyperic Server. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
|
25 |
CVE-2022-38650 |
502 |
|
|
2022-11-12 |
2022-11-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
** UNSUPPORTED WHEN ASSIGNED ** A remote unauthenticated insecure deserialization vulnerability exists in VMware Hyperic Server 5.8.6. Exploitation of this vulnerability enables a malicious party to run arbitrary code or malware within Hyperic Server and the host operating system with the privileges of the Hyperic server process. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. |
|
26 |
CVE-2022-36797 |
|
|
DoS |
2023-02-16 |
2023-03-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.1 may allow an authenticated user to potentially enable denial of service via local access. |
|
27 |
CVE-2022-36416 |
|
|
|
2023-02-16 |
2023-03-06 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Protection mechanism failure in the Intel(R) Ethernet 500 Series Controller drivers for VMware before version 1.10.0.13 may allow an authenticated user to potentially enable escalation of privilege via local access. |
|
28 |
CVE-2022-31711 |
200 |
|
+Info |
2023-01-26 |
2023-02-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication. |
|
29 |
CVE-2022-31710 |
502 |
|
DoS |
2023-01-26 |
2023-02-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data which could result in a denial of service. |
|
30 |
CVE-2022-31708 |
668 |
|
|
2022-12-16 |
2022-12-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
vRealize Operations (vROps) contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4. |
|
31 |
CVE-2022-31707 |
|
|
|
2022-12-16 |
2022-12-21 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
vRealize Operations (vROps) contains a privilege escalation vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2. |
|
32 |
CVE-2022-31706 |
22 |
|
Exec Code Dir. Trav. |
2023-01-26 |
2023-02-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. |
|
33 |
CVE-2022-31705 |
787 |
|
Exec Code |
2022-12-14 |
2022-12-19 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitation is contained within the VMX sandbox whereas, on Workstation and Fusion, this may lead to code execution on the machine where Workstation or Fusion is installed. |
|
34 |
CVE-2022-31704 |
|
|
Exec Code |
2023-01-26 |
2023-02-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution. |
|
35 |
CVE-2022-31703 |
22 |
|
Exec Code Dir. Trav. |
2022-12-14 |
2023-03-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. |
|
36 |
CVE-2022-31702 |
77 |
|
Exec Code |
2022-12-14 |
2022-12-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
vRealize Network Insight (vRNI) contains a command injection vulnerability present in the vRNI REST API. A malicious actor with network access to the vRNI REST API can execute commands without authentication. |
|
37 |
CVE-2022-31701 |
287 |
|
|
2022-12-14 |
2022-12-20 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Workspace ONE Access and Identity Manager contain a broken authentication vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 5.3. |
|
38 |
CVE-2022-31700 |
|
|
Exec Code |
2022-12-14 |
2022-12-20 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Workspace ONE Access and Identity Manager contain an authenticated remote code execution vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.2. |
|
39 |
CVE-2022-31699 |
787 |
|
Overflow |
2022-12-13 |
2022-12-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure. |
|
40 |
CVE-2022-31698 |
|
|
|
2022-12-13 |
2022-12-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header. |
|
41 |
CVE-2022-31697 |
312 |
|
|
2022-12-13 |
2022-12-15 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext passwords used during that operation. |
|
42 |
CVE-2022-31696 |
|
|
Mem. Corr. |
2022-12-13 |
2022-12-16 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox. |
|
43 |
CVE-2022-31692 |
863 |
|
Bypass |
2022-10-31 |
2023-03-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Spring Security, versions 5.7 prior to 5.7.5 and 5.6 prior to 5.6.9 could be susceptible to authorization rules bypass via forward or include dispatcher types. Specifically, an application is vulnerable when all of the following are true: The application expects that Spring Security applies security to forward and include dispatcher types. The application uses the AuthorizationFilter either manually or via the authorizeHttpRequests() method. The application configures the FilterChainProxy to apply to forward and/or include requests (e.g. spring.security.filter.dispatcher-types = request, error, async, forward, include). The application may forward or include the request to a higher privilege-secured endpoint.The application configures Spring Security to apply to every dispatcher type via authorizeHttpRequests().shouldFilterAllDispatcherTypes(true) |
|
44 |
CVE-2022-31691 |
94 |
|
Exec Code |
2022-11-04 |
2022-11-14 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Spring Tools 4 for Eclipse version 4.16.0 and below as well as VSCode extensions such as Spring Boot Tools, Concourse CI Pipeline Editor, Bosh Editor and Cloudfoundry Manifest YML Support version 1.39.0 and below all use Snakeyaml library for YAML editing support. This library allows for some special syntax in the YAML that under certain circumstances allows for potentially harmful remote code execution by the attacker. |
|
45 |
CVE-2022-31690 |
269 |
|
|
2022-10-31 |
2023-03-01 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
Spring Security, versions 5.7 prior to 5.7.5, and 5.6 prior to 5.6.9, and older unsupported versions could be susceptible to a privilege escalation under certain conditions. A malicious user or attacker can modify a request initiated by the Client (via the browser) to the Authorization Server which can lead to a privilege escalation on the subsequent approval. This scenario can happen if the Authorization Server responds with an OAuth2 Access Token Response containing an empty scope list (per RFC 6749, Section 5.1) on the subsequent request to the token endpoint to obtain the access token. |
|
46 |
CVE-2022-31689 |
384 |
|
|
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Workspace ONE Assist prior to 22.10 contains a Session fixation vulnerability. A malicious actor who obtains a valid session token may be able to authenticate to the application using that token. |
|
47 |
CVE-2022-31688 |
79 |
|
XSS |
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Workspace ONE Assist prior to 22.10 contains a Reflected cross-site scripting (XSS) vulnerability. Due to improper user input sanitization, a malicious actor with some user interaction may be able to inject javascript code in the target user's window. |
|
48 |
CVE-2022-31687 |
|
|
|
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Workspace ONE Assist prior to 22.10 contains a Broken Access Control vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application. |
|
49 |
CVE-2022-31686 |
287 |
|
|
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Workspace ONE Assist prior to 22.10 contains a Broken Authentication Method vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application. |
|
50 |
CVE-2022-31685 |
306 |
|
Bypass |
2022-11-09 |
2022-11-10 |
0.0 |
None |
??? |
??? |
??? |
??? |
??? |
??? |
|
VMware Workspace ONE Assist prior to 22.10 contains an Authentication Bypass vulnerability. A malicious actor with network access to Workspace ONE Assist may be able to obtain administrative access without the need to authenticate to the application. |
