Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware esxi vulnerabilities and exploits
(subscribe to this query)
9.9
CVSSv3
CVE-2012-1516
The VMX process in VMware ESXi 3.5 up to and including 4.1 and ESX 3.5 up to and including 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS vi...
Vmware Esx 3.5
Vmware Esx 4.1
Vmware Esx 4.0
Vmware Esxi 4.1
Vmware Esxi 4.0
Vmware Esxi 3.5
9.8
CVSSv3
CVE-2021-21994
SFCB (Small Footprint CIM Broker) as used in ESXi has an authentication bypass vulnerability. A malicious actor with network access to port 5989 on ESXi may exploit this issue to bypass SFCB authentication by sending a specially crafted request.
Vmware Cloud Foundation
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Esxi 7.0
9.8
CVSSv3
CVE-2020-3992
OpenSLP as used in VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202010401-SG, 6.5 before ESXi650-202010401-SG) has a use-after-free issue. A malicious actor residing in the management network who has access to port 427 on an ESXi machine may be able to trig...
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Esxi 7.0.0
Vmware Cloud Foundation
3 Github repositories
1 Article
9.8
CVSSv3
CVE-2019-5544
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
Vmware Esxi 6.0
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Horizon Daas
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Openslp Openslp 1.2.1
Openslp Openslp 2.0.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
2 Github repositories
9.8
CVSSv3
CVE-2010-0211
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote malicious users to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with a...
Openldap Openldap 2.4.22
Vmware Esxi 4.1
Vmware Esxi 4.0
Opensuse Opensuse 11.0
Apple Mac Os X Server
Apple Mac Os X
1 EDB exploit
9.6
CVSSv3
CVE-2019-5521
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x prior to 15.0.3 and 14.x prior to 14.1.6) and Fusion (11.x prior to 11.0.3 and 10.x prior to 10.1.6) contain an out-of-bounds read vulnerability in the pixel shader functionality. Su...
Vmware Fusion
Vmware Workstation
Vmware Esxi 6.5
Vmware Esxi 6.7
1 Article
9.3
CVSSv3
CVE-2020-3955
ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the severity of this issue to be in the Important severity range with a maximu...
Vmware Esxi 6.5
Vmware Esxi 6.7
9.1
CVSSv3
CVE-2022-31680
The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server.
Vmware Vcenter Server 6.5
Vmware Vcenter Server
1 Article
8.8
CVSSv3
CVE-2023-36628
A flaw exists in VASA which allows users with access to a vSphere/ESXi VMware admin on a FlashArray to gain root access through privilege escalation.
Purestorage Purity//fa
8.8
CVSSv3
CVE-2022-31696
VMware ESXi contains a memory corruption vulnerability that exists in the way it handles a network socket. A malicious actor with local access to ESXi may exploit this issue to corrupt memory leading to an escape of the ESXi sandbox.
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Cloud Foundation
Vmware Esxi 7.0
Vmware Cloud Foundation 4.4.1
Vmware Cloud Foundation 4.4.1.1
Vmware Cloud Foundation 4.4
Vmware Cloud Foundation 4.5
Vmware Cloud Foundation 4.76
Vmware Cloud Foundation 3.11
Vmware Cloud Foundation 3.10
Vmware Cloud Foundation 4.3.11
1 Article
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
type confusion
IMAP
CVE-2024-36103
CVE-2024-28995
CVE-2024-37325
CVE-2024-30078
CVE-2024-30082
SQL injection
CVE-2024-30052
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »