CVE-2022-31699
https://notcve.org/view.php?id=CVE-2022-31699
VMware ESXi contains a heap-overflow vulnerability. A malicious local actor with restricted privileges within a sandbox process may exploit this issue to achieve a partial information disclosure. VMware ESXi contiene una vulnerabilidad de desbordamiento del heap. • https://www.vmware.com/security/advisories/VMSA-2022-0030.html • CWE-787: Out-of-bounds Write •
CVE-2022-31697
https://notcve.org/view.php?id=CVE-2022-31697
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. • https://www.vmware.com/security/advisories/VMSA-2022-0030.html • CWE-312: Cleartext Storage of Sensitive Information •
CVE-2022-31678
https://notcve.org/view.php?id=CVE-2022-31678
VMware Cloud Foundation (NSX-V) contains an XML External Entity (XXE) vulnerability. On VCF 3.x instances with NSX-V deployed, this may allow a user to exploit this issue leading to a denial-of-service condition or unintended information disclosure. VMware Cloud Foundation (NSX-V) contiene una vulnerabilidad de entidad externa XML (XXE). • https://www.vmware.com/security/advisories/VMSA-2022-0027.html • CWE-611: Improper Restriction of XML External Entity Reference •
CVE-2022-31673
https://notcve.org/view.php?id=CVE-2022-31673
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can create and leak hex dumps, leading to information disclosure. ... VMware vRealize Operations contiene una vulnerabilidad de divulgación de información. • https://www.vmware.com/security/advisories/VMSA-2022-0022.html •
CVE-2022-31674
https://notcve.org/view.php?id=CVE-2022-31674
VMware vRealize Operations contains an information disclosure vulnerability. A low-privileged malicious actor with network access can access log files that lead to information disclosure. VMware vRealize Operations contiene una vulnerabilidad de divulgación de información. • https://www.vmware.com/security/advisories/VMSA-2022-0022.html • CWE-532: Insertion of Sensitive Information into Log File •