Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-34056
vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.
Vmware Vcenter Server 7.0
Vmware Vcenter Server 8.0
Vmware Vcenter Server
1 Article
356
VMScore
CVE-2022-22948
The vCenter Server contains an information disclosure vulnerability due to improper permission of files. A malicious actor with non-administrative access to the vCenter Server may exploit this issue to gain access to sensitive information.
Vmware Cloud Foundation
Vmware Cloud Foundation 3.11
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
1 Github repository
409
VMScore
CVE-2008-4916
Unspecified vulnerability in a guest virtual device driver in VMware Workstation prior to 5.5.9 build 126128, and 6.5.1 and previous versions 6.x versions; VMware Player prior to 1.0.9 build 126128, and 2.5.1 and previous versions 2.x versions; VMware ACE prior to 1.0.8 build 125...
Vmware Vmware Workstation 5.5.2
Vmware Vmware Workstation 5.5.4
Vmware Vmware Workstation 6.0.4
Vmware Vmware Workstation 6.0.2
Vmware Vmware Workstation 4.5.3
Vmware Vmware Workstation 5.5.5
Vmware Vmware Workstation 5.0
Vmware Vmware Player 2.0.3
Vmware Vmware Player 2.0.2
Vmware Vmware Player 1.0.7
Vmware Vmware Player 1.0.6
Emc Vmware Player
Vmware Vmware Ace 2.5.1
Vmware Vmware Ace 1.0.5
Vmware Vmware Ace 1.0.4
Vmware Vmware Server 1.0.2
Vmware Vmware Server 1.0.4
Vmware Vmware Esxi 3.5
Vmware Vmware Esx 3.5
Vmware Vmware Workstation 6.0.0.45731
Vmware Vmware Workstation 6.0.1
Vmware Vmware Workstation 5.5.8
169
VMScore
CVE-2007-5438
Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x prior to 5.5.8 build 108000, VMware Workstation 6.0.x prior to 6.0.5 build 109488, VMware Player 1.x prior to 1.0.8 build 108000, VMware Player 2.x prior to 2.0.5 build 109488, VMwa...
Vmware Vmware Workstation 5.5.2
Vmware Vmware Workstation 5.5.3
Vmware Vmware Workstation 6.0
Vmware Vmware Workstation 6.0.2
Vmware Vmware Player 1.0.4
Vmware Vmware Player 1.0.5
Vmware Vmware Player 2.0.3
Vmware Vmware Player 2.0.4
Vmware Ace 1.0.5
Vmware Ace 1.0.6
Vmware Vmware Server 1.0
Vmware Vmware Server 1.0.1
Vmware Vmware Workstation 5.5.0
Vmware Vmware Workstation 5.5.1
Vmware Vmware Workstation 5.5.8
Vmware Vmware Workstation 6.0.1
Vmware Vmware Player 1.0.1
Vmware Vmware Player 1.0.2
Vmware Vmware Player 1.0.3
Vmware Vmware Player 2.0
Vmware Vmware Player 2.0.2
Vmware Ace 1.0.3
383
VMScore
CVE-2015-6931
Cross-site scripting (XSS) vulnerability in the vSphere Web Client in VMware vCenter Server 5.0 before U3g, 5.1 before U3d, and 5.5 before U2d allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Vmware Vcenter Server 5.1
Vmware Vcenter Server 5.5
Vmware Vcenter Server 5.0
356
VMScore
CVE-2019-5532
VMware vCenter Server (6.7.x before 6.7 U3, 6.5 before 6.5 U3 and 6.0 before 6.0 U3j) contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. A malicious user with access to the log files containi...
Vmware Vcenter Server 6.0
Vmware Vcenter Server 6.7
Vmware Vcenter Server 6.5
356
VMScore
CVE-2016-7459
VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote authenticated users to read arbitrary files via a (1) Log Browser, (2) Distributed Switch setup, or (3) Content Library XML document containing an external entity declaration in conjunction with an entity refer...
Vmware Vcenter Server 5.5
Vmware Vcenter Server 6.0
Vmware Vcenter Server 5.0
668
VMScore
CVE-2021-22049
The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Serv...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
605
VMScore
CVE-2017-4919
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate.
Vmware Vcenter Server 5.5
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.0
445
VMScore
CVE-2015-1047
vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 before u2 allows remote malicious users to cause a denial of service via a long heartbeat message.
Vmware Vcenter Server 5.5
Vmware Vcenter Server 5.0
Vmware Vcenter Server 5.1
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-49333
CVE-2024-33901
CVE-2024-36001
CVE-2024-2835
firewall
XPath injection
authentication bypass
CVE-2024-22120
CVE-2024-32002
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »