Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vmware server vulnerabilities and exploits
(subscribe to this query)
828
VMScore
CVE-2009-0909
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x prior to 6.5.2 build 156735, VMware Player 2.5.x prior to 2.5.2 build 156735, VMware ACE 2.5.x prior to 2.5.2 build 156735, and VMware Server 2.0.x prior to 2.0.1 build 156745 allows remote malicious users t...
Vmware Player 2.5.1
Vmware Ace 2.5.1
Vmware Server 2.0
Vmware Workstation 6.5.1
605
VMScore
CVE-2009-0910
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x prior to 6.5.2 build 156735, VMware Player 2.5.x prior to 2.5.2 build 156735, VMware ACE 2.5.x prior to 2.5.2 build 156735, and VMware Server 2.0.x prior to 2.0.1 build 156745 allows remote malicious users t...
Vmware Workstation 6.5.1
Vmware Player 2.5.1
Vmware Ace 2.5.1
Vmware Server 2.0
320
VMScore
CVE-2006-3589
vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.
Vmware Esx 2.1.1
Vmware Esx 2.1.2
Vmware Esx 2.1
Vmware Server 1.0.1 Build 29996
Vmware Workstation 5.5.3
Vmware Esx 2.0.1
Vmware Infrastructure 3
Vmware Player
Vmware Esx 2.0
Vmware Esx 2.5
Vmware Esx 2.5.2
605
VMScore
CVE-2016-2076
Client Integration Plugin (CIP) in VMware vCenter Server 5.5 U3a, U3b, and U3c and 6.0 before U2; vCloud Director 5.5.5; and vRealize Automation Identity Appliance 6.2.4 prior to 6.2.4.1 mishandles session content, which allows remote malicious users to hijack sessions via a craf...
Vmware Vcloud Automation Identity Appliance 6.2.4
Vmware Vcenter Server 5.5
Vmware Vcloud Director 5.5.5
Vmware Vcenter Server
383
VMScore
CVE-2014-4241
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote malicious users to affect integrity via vectors related to WLS - Web Services.
Vmware Vcenter Server 5.1
Vmware Vcenter Server 5.0
Vmware Esxi 5.1
Vmware Vcenter Server 5.5
Vmware Vcenter Server Appliance 5.1
Oracle Fusion Middleware 10.0.2
Oracle Fusion Middleware 10.3.6
1 Github repository
446
VMScore
CVE-2021-21980
The vSphere Web Client (FLEX/Flash) contains an unauthorized arbitrary file read vulnerability. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Cloud Foundation 3.0
3 Github repositories
614
VMScore
CVE-2010-4295
Race condition in the mounting process in vmware-mount in VMware Workstation 7.x prior to 7.1.2 build 301548 on Linux, VMware Player 3.1.x prior to 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x prior to 3.1.2 build 332101 allows host OS users ...
Vmware Workstation 7.0
Vmware Workstation 7.0.1
Vmware Workstation 7.1
Vmware Workstation 7.1.1
Vmware Workstation 7.1.2
Vmware Player 3.1
Vmware Player 3.1.1
Vmware Player 3.1.2
Vmware Server 2.0.2
Vmware Fusion 3.1
Vmware Fusion 3.1.1
Vmware Fusion 3.1.2
641
VMScore
CVE-2010-4296
vmware-mount in VMware Workstation 7.x prior to 7.1.2 build 301548 on Linux, VMware Player 3.1.x prior to 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x prior to 3.1.2 build 332101 does not properly load libraries, which allows host OS users to...
Vmware Workstation 7.0
Vmware Workstation 7.0.1
Vmware Workstation 7.1
Vmware Workstation 7.1.1
Vmware Workstation 7.1.2
Vmware Player 3.1
Vmware Player 3.1.1
Vmware Player 3.1.2
Vmware Server 2.0.2
Vmware Fusion 3.1
Vmware Fusion 3.1.1
Vmware Fusion 3.1.2
383
VMScore
CVE-2016-2078
Cross-site scripting (XSS) vulnerability in the Web Client in VMware vCenter Server 5.1 before update 3d, 5.5 before update 3d, and 6.0 before update 2 on Windows allows remote malicious users to inject arbitrary web script or HTML via the flashvars parameter.
Vmware Vcenter Server 6.0
Vmware Vcenter Server 5.5
Vmware Vcenter Server 5.1
Vmware Vcenter Server 5.0
383
VMScore
CVE-2014-8371
VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate certificates when connecting to a CIM Server on an ESXi host, which allows man-in-the-middle malicious users to spoof CIM servers via a crafted cer...
Vmware Vcenter Server Appliance 5.1
Vmware Vcenter Server Appliance 5.0
Vmware Vcenter Server Appliance 5.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2012-1823
malicious code
CVE-2024-5770
CVE-2023-45866
CVE-2024-35687
local users
CVE-2024-31246
CVE-2024-35730
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
5
6
7
8
9
10
NEXT »