Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-20896
The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of cer...
Vmware Vcenter Server 7.0
Vmware Vcenter Server
Vmware Vcenter Server 8.0
4
CVSSv2
CVE-2022-22948
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Cloud Foundation
Vmware Cloud Foundation 3.11
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
1 Github repository
4.6
CVSSv2
CVE-2008-4916
Unspecified vulnerability in a guest virtual device driver in VMware Workstation prior to 5.5.9 build 126128, and 6.5.1 and previous versions 6.x versions; VMware Player prior to 1.0.9 build 126128, and 2.5.1 and previous versions 2.x versions; VMware ACE prior to 1.0.8 build 125...
Vmware Vmware Workstation 5.5.2
Vmware Vmware Workstation 5.5.4
Vmware Vmware Workstation 6.0.4
Vmware Vmware Workstation 6.0.2
Vmware Vmware Workstation 4.5.3
Vmware Vmware Workstation 5.5.5
Vmware Vmware Workstation 5.0
Vmware Vmware Player 2.0.3
Vmware Vmware Player 2.0.2
Vmware Vmware Player 1.0.7
Vmware Vmware Player 1.0.6
Emc Vmware Player
Vmware Vmware Ace 2.5.1
Vmware Vmware Ace 1.0.5
Vmware Vmware Ace 1.0.4
Vmware Vmware Server 1.0.2
Vmware Vmware Server 1.0.4
Vmware Vmware Esxi 3.5
Vmware Vmware Esx 3.5
Vmware Vmware Workstation 6.0.0.45731
Vmware Vmware Workstation 6.0.1
Vmware Vmware Workstation 5.5.8
1.9
CVSSv2
CVE-2007-5438
Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x prior to 5.5.8 build 108000, VMware Workstation 6.0.x prior to 6.0.5 build 109488, VMware Player 1.x prior to 1.0.8 build 108000, VMware Player 2.x prior to 2.0.5 build 109488, VMwa...
Vmware Vmware Workstation 5.5.2
Vmware Vmware Workstation 5.5.3
Vmware Vmware Workstation 6.0
Vmware Vmware Workstation 6.0.2
Vmware Vmware Player 1.0.4
Vmware Vmware Player 1.0.5
Vmware Vmware Player 2.0.3
Vmware Vmware Player 2.0.4
Vmware Ace 1.0.5
Vmware Ace 1.0.6
Vmware Vmware Server 1.0
Vmware Vmware Server 1.0.1
Vmware Vmware Workstation 5.5.0
Vmware Vmware Workstation 5.5.1
Vmware Vmware Workstation 5.5.8
Vmware Vmware Workstation 6.0.1
Vmware Vmware Player 1.0.1
Vmware Vmware Player 1.0.2
Vmware Vmware Player 1.0.3
Vmware Vmware Player 2.0
Vmware Vmware Player 2.0.2
Vmware Ace 1.0.3
4.3
CVSSv2
CVE-2015-6931
Cross-site scripting (XSS) vulnerability in the vSphere Web Client in VMware vCenter Server 5.0 before U3g, 5.1 before U3d, and 5.5 before U2d allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Vmware Vcenter Server 5.1
Vmware Vcenter Server 5.5
Vmware Vcenter Server 5.0
6.8
CVSSv2
CVE-2017-4919
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate.
Vmware Vcenter Server 5.5
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.0
5
CVSSv2
CVE-2015-1047
vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 before u2 allows remote malicious users to cause a denial of service via a long heartbeat message.
Vmware Vcenter Server 5.5
Vmware Vcenter Server 5.0
Vmware Vcenter Server 5.1
4
CVSSv2
CVE-2016-7459
VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote authenticated users to read arbitrary files via a (1) Log Browser, (2) Distributed Switch setup, or (3) Content Library XML document containing an external entity declaration in conjunction with an entity refer...
Vmware Vcenter Server 5.5
Vmware Vcenter Server 6.0
Vmware Vcenter Server 5.0
7.5
CVSSv2
CVE-2021-22049
The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Serv...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
4
CVSSv2
CVE-2019-5534
VMware vCenter Server (6.7.x before 6.7 U3, 6.5 before 6.5 U3 and 6.0 before 6.0 U3j) contains an information disclosure vulnerability where Virtual Machines deployed from an OVF could expose login information via the virtual machine's vAppConfig properties. A malicious acto...
Vmware Vcenter Server 6.0
Vmware Vcenter Server 6.7
Vmware Vcenter Server 6.5
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4761
command injection
CVE-2024-3676
IDOR
CVE-2024-30039
CVE-2024-32113
CVE-2024-30049
CVE-2024-4776
SQL injection
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »