Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware esxi vulnerabilities and exploits
(subscribe to this query)
8.1
CVSSv3
CVE-2018-6966
VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x prior to 14.1.2), and Fusion (10.x prior to 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attacke...
Vmware Fusion
Vmware Workstation
Vmware Esxi 6.7
7.8
CVSSv3
CVE-2021-22042
VMware ESXi contains an unauthorized access vulnerability due to VMX having access to settingsd authorization tickets. A malicious actor with privileges within the VMX process only, may be able to access settingsd service running as a high privileged user.
Vmware Esxi 7.0
Vmware Cloud Foundation
7.8
CVSSv3
CVE-2021-22045
VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device ...
Vmware Cloud Foundation
Vmware Workstation
Vmware Fusion
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Esxi 7.0
7.8
CVSSv3
CVE-2020-4005
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG) contains a privilege-escalation vulnerability that exists in the way certain system calls are being managed. A malicious actor with privileges within the VMX process only...
Vmware Cloud Foundation
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Esxi 7.0
1 Article
7.8
CVSSv3
CVE-2020-3969
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x prior to 15.5.5), and Fusion (11.x prior to 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. A malicious actor wi...
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Fusion
Vmware Esxi 7.0.0
Vmware Cloud Foundation
Vmware Workstation
7.8
CVSSv3
CVE-2016-5330
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 up to and including 6.0, VMware Workstation Pro 12.1.x prior to 12.1.1, VMware Workstation Player 12.1.x prior to 12.1.1, and VMware Fusion 8.1.x prior to 8.1.1 ...
Vmware Workstation Player
Vmware Workstation Pro
Vmware Esxi
Vmware Fusion
Vmware Tools
1 EDB exploit
7.8
CVSSv3
CVE-2009-2698
The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel prior to 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE fl...
Linux Linux Kernel
Canonical Ubuntu Linux 6.06
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 8.10
Suse Linux Enterprise Server 9
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Fedoraproject Fedora 10
Redhat Enterprise Linux Server 5.0
Redhat Enterprise Linux Workstation 5.0
Redhat Enterprise Linux Desktop 4.0
Redhat Enterprise Linux Desktop 5.0
Redhat Enterprise Linux Server 4.0
Redhat Enterprise Linux Workstation 4.0
Redhat Enterprise Linux Server Aus 5.3
Redhat Enterprise Linux Eus 5.3
Redhat Enterprise Linux Eus 4.8
Vmware Esxi 4.0
Vmware Vcenter Server 4.0
3 EDB exploits
2 Github repositories
7.7
CVSSv3
CVE-2020-3982
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x prior to 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious ...
Vmware Esxi 7.0.0
Vmware Esxi 6.7
Vmware Esxi 6.5
Vmware Cloud Foundation
Vmware Workstation
Vmware Workstation Player
Vmware Fusion
1 Article
7.5
CVSSv3
CVE-2023-29552
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote malicious user to register arbitrary services. This could allow the malicious user to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor.
Netapp Smi-s Provider -
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 12
Suse Linux Enterprise Server 15
Suse Manager Server -
Vmware Esxi
Service Location Protocol Project Service Location Protocol -
7.5
CVSSv3
CVE-2021-22043
VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way temporary files are handled. A malicious actor with access to settingsd, may exploit this issue to escalate their privileges by writing arbitrary files.
Vmware Esxi 7.0
Vmware Fusion
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
privilege
CVE-2022-48762
CVE-2022-48751
CVE-2024-37079
CVE-2024-30848
LFI
man-in-the-middle
CVE-2022-48736
CVE-2024-30103
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »