Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vmware server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2006-3589
vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.
Vmware Esx 2.1.1
Vmware Esx 2.1.2
Vmware Esx 2.1
Vmware Server 1.0.1 Build 29996
Vmware Workstation 5.5.3
Vmware Esx 2.0.1
Vmware Infrastructure 3
Vmware Player
Vmware Esx 2.0
Vmware Esx 2.5
Vmware Esx 2.5.2
NA
CVE-2009-0909
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x prior to 6.5.2 build 156735, VMware Player 2.5.x prior to 2.5.2 build 156735, VMware ACE 2.5.x prior to 2.5.2 build 156735, and VMware Server 2.0.x prior to 2.0.1 build 156745 allows remote malicious users t...
Vmware Player 2.5.1
Vmware Ace 2.5.1
Vmware Server 2.0
Vmware Workstation 6.5.1
NA
CVE-2009-0910
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x prior to 6.5.2 build 156735, VMware Player 2.5.x prior to 2.5.2 build 156735, VMware ACE 2.5.x prior to 2.5.2 build 156735, and VMware Server 2.0.x prior to 2.0.1 build 156745 allows remote malicious users t...
Vmware Workstation 6.5.1
Vmware Player 2.5.1
Vmware Ace 2.5.1
Vmware Server 2.0
7.6
CVSSv3
CVE-2016-2076
Client Integration Plugin (CIP) in VMware vCenter Server 5.5 U3a, U3b, and U3c and 6.0 before U2; vCloud Director 5.5.5; and vRealize Automation Identity Appliance 6.2.4 prior to 6.2.4.1 mishandles session content, which allows remote malicious users to hijack sessions via a craf...
Vmware Vcloud Automation Identity Appliance 6.2.4
Vmware Vcenter Server 5.5
Vmware Vcloud Director 5.5.5
Vmware Vcenter Server
NA
CVE-2014-4241
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote malicious users to affect integrity via vectors related to WLS - Web Services.
Vmware Vcenter Server 5.1
Vmware Vcenter Server 5.0
Vmware Esxi 5.1
Vmware Vcenter Server 5.5
Vmware Vcenter Server Appliance 5.1
Oracle Fusion Middleware 10.0.2
Oracle Fusion Middleware 10.3.6
1 Github repository
7.5
CVSSv3
CVE-2021-21980
The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Cloud Foundation 3.0
3 Github repositories
NA
CVE-2010-4296
vmware-mount in VMware Workstation 7.x prior to 7.1.2 build 301548 on Linux, VMware Player 3.1.x prior to 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x prior to 3.1.2 build 332101 does not properly load libraries, which allows host OS users to...
Vmware Workstation 7.0
Vmware Workstation 7.0.1
Vmware Workstation 7.1
Vmware Workstation 7.1.1
Vmware Workstation 7.1.2
Vmware Player 3.1
Vmware Player 3.1.1
Vmware Player 3.1.2
Vmware Server 2.0.2
Vmware Fusion 3.1
Vmware Fusion 3.1.1
Vmware Fusion 3.1.2
NA
CVE-2010-4295
Race condition in the mounting process in vmware-mount in VMware Workstation 7.x prior to 7.1.2 build 301548 on Linux, VMware Player 3.1.x prior to 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x prior to 3.1.2 build 332101 allows host OS users ...
Vmware Workstation 7.0
Vmware Workstation 7.0.1
Vmware Workstation 7.1
Vmware Workstation 7.1.1
Vmware Workstation 7.1.2
Vmware Player 3.1
Vmware Player 3.1.1
Vmware Player 3.1.2
Vmware Server 2.0.2
Vmware Fusion 3.1
Vmware Fusion 3.1.1
Vmware Fusion 3.1.2
6.1
CVSSv3
CVE-2016-2078
Cross-site scripting (XSS) vulnerability in the Web Client in VMware vCenter Server 5.1 before update 3d, 5.5 before update 3d, and 6.0 before update 2 on Windows allows remote malicious users to inject arbitrary web script or HTML via the flashvars parameter.
Vmware Vcenter Server 6.0
Vmware Vcenter Server 5.5
Vmware Vcenter Server 5.1
Vmware Vcenter Server 5.0
NA
CVE-2014-8371
VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate certificates when connecting to a CIM Server on an ESXi host, which allows man-in-the-middle malicious users to spoof CIM servers via a crafted cer...
Vmware Vcenter Server Appliance 5.1
Vmware Vcenter Server Appliance 5.0
Vmware Vcenter Server Appliance 5.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »