Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware server vulnerabilities and exploits
(subscribe to this query)
7.8
CVSSv3
CVE-2021-22015
The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appli...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
2 Github repositories
1 Article
5.5
CVSSv3
CVE-2022-31697
The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore) can access plaintext password...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
1 Article
NA
CVE-2009-1564
Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder prior to 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x prior to 6.5.4 build 246459, VMware Player 2.5.x prior to 2.5.4 build 246459, and VMware Server 2.x on ...
Vmware Movie Decoder 6.5.3
Vmware Workstation 6.5.0
Vmware Workstation 6.5.3
Vmware Workstation 6.5.1
Vmware Workstation 6.5.2
Vmware Player 2.5.3
Vmware Player 2.5.1
Vmware Player 2.5.2
Vmware Player 2.5
Vmware Server 2.0.1
Vmware Server 2.0.2
Vmware Server 2.0.0
NA
CVE-2009-1565
vmnc.dll in the VMnc media codec in VMware Movie Decoder prior to 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x prior to 6.5.4 build 246459, VMware Player 2.5.x prior to 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote malicio...
Vmware Movie Decoder 6.5.3
Vmware Workstation 6.5.2
Vmware Workstation 6.5.3
Vmware Workstation 6.5.0
Vmware Workstation 6.5.1
Vmware Player 2.5.2
Vmware Player 2.5.3
Vmware Player 2.5
Vmware Player 2.5.1
Vmware Server 2.0.0
Vmware Server 2.0.1
Vmware Server 2.0.2
6.5
CVSSv3
CVE-2022-22948
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Cloud Foundation
Vmware Cloud Foundation 3.11
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
1 Github repository
9.8
CVSSv3
CVE-2023-34048
vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.
Vmware Vcenter Server 7.0
Vmware Vcenter Server 8.0
Vmware Vcenter Server
1 Github repository
4 Articles
4.3
CVSSv3
CVE-2023-34056
vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.
Vmware Vcenter Server 7.0
Vmware Vcenter Server 8.0
Vmware Vcenter Server
1 Article
9.8
CVSSv3
CVE-2023-20892
The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underl...
Vmware Vcenter Server 7.0
Vmware Vcenter Server 8.0
Vmware Vcenter Server
9.8
CVSSv3
CVE-2023-20893
The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server.
Vmware Vcenter Server 7.0
Vmware Vcenter Server 8.0
Vmware Vcenter Server
9.8
CVSSv3
CVE-2023-20894
The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption.
Vmware Vcenter Server 7.0
Vmware Vcenter Server 8.0
Vmware Vcenter Server
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
authentication bypass
CVE-2024-30051
remote
CVE-2024-27954
CVE-2023-51483
CVE-2023-47782
SSRF
CVE-2024-24715
CVE-2023-52424
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »