Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware server vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2023-20894
The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption.
Vmware Vcenter Server 7.0
Vmware Vcenter Server 8.0
Vmware Vcenter Server
NA
CVE-2023-20895
The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.
Vmware Vcenter Server 7.0
Vmware Vcenter Server 8.0
Vmware Vcenter Server
4.6
CVSSv2
CVE-2008-4916
Unspecified vulnerability in a guest virtual device driver in VMware Workstation prior to 5.5.9 build 126128, and 6.5.1 and previous versions 6.x versions; VMware Player prior to 1.0.9 build 126128, and 2.5.1 and previous versions 2.x versions; VMware ACE prior to 1.0.8 build 125...
Vmware Vmware Workstation 5.5.2
Vmware Vmware Workstation 5.5.4
Vmware Vmware Workstation 6.0.4
Vmware Vmware Workstation 6.0.2
Vmware Vmware Workstation 4.5.3
Vmware Vmware Workstation 5.5.5
Vmware Vmware Workstation 5.0
Vmware Vmware Player 2.0.3
Vmware Vmware Player 2.0.2
Vmware Vmware Player 1.0.7
Vmware Vmware Player 1.0.6
Emc Vmware Player
Vmware Vmware Ace 2.5.1
Vmware Vmware Ace 1.0.5
Vmware Vmware Ace 1.0.4
Vmware Vmware Server 1.0.2
Vmware Vmware Server 1.0.4
Vmware Vmware Esxi 3.5
Vmware Vmware Esx 3.5
Vmware Vmware Workstation 6.0.0.45731
Vmware Vmware Workstation 6.0.1
Vmware Vmware Workstation 5.5.8
1.9
CVSSv2
CVE-2007-5438
Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x prior to 5.5.8 build 108000, VMware Workstation 6.0.x prior to 6.0.5 build 109488, VMware Player 1.x prior to 1.0.8 build 108000, VMware Player 2.x prior to 2.0.5 build 109488, VMwa...
Vmware Vmware Workstation 5.5.2
Vmware Vmware Workstation 5.5.3
Vmware Vmware Workstation 6.0
Vmware Vmware Workstation 6.0.2
Vmware Vmware Player 1.0.4
Vmware Vmware Player 1.0.5
Vmware Vmware Player 2.0.3
Vmware Vmware Player 2.0.4
Vmware Ace 1.0.5
Vmware Ace 1.0.6
Vmware Vmware Server 1.0
Vmware Vmware Server 1.0.1
Vmware Vmware Workstation 5.5.0
Vmware Vmware Workstation 5.5.1
Vmware Vmware Workstation 5.5.8
Vmware Vmware Workstation 6.0.1
Vmware Vmware Player 1.0.1
Vmware Vmware Player 1.0.2
Vmware Vmware Player 1.0.3
Vmware Vmware Player 2.0
Vmware Vmware Player 2.0.2
Vmware Ace 1.0.3
4
CVSSv2
CVE-2016-7459
VMware vCenter Server 5.5 before U3e and 6.0 before U2a allows remote authenticated users to read arbitrary files via a (1) Log Browser, (2) Distributed Switch setup, or (3) Content Library XML document containing an external entity declaration in conjunction with an entity refer...
Vmware Vcenter Server 5.5
Vmware Vcenter Server 6.0
Vmware Vcenter Server 5.0
7.5
CVSSv2
CVE-2021-22049
The vSphere Web Client (FLEX/Flash) contains an SSRF (Server Side Request Forgery) vulnerability in the vSAN Web Client (vSAN UI) plug-in. A malicious actor with network access to port 443 on vCenter Server may exploit this issue by accessing a URL request outside of vCenter Serv...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
4.3
CVSSv2
CVE-2015-6931
Cross-site scripting (XSS) vulnerability in the vSphere Web Client in VMware vCenter Server 5.0 before U3g, 5.1 before U3d, and 5.5 before U2d allows remote malicious users to inject arbitrary web script or HTML via a crafted URL.
Vmware Vcenter Server 5.1
Vmware Vcenter Server 5.5
Vmware Vcenter Server 5.0
4
CVSSv2
CVE-2019-5532
VMware vCenter Server (6.7.x before 6.7 U3, 6.5 before 6.5 U3 and 6.0 before 6.0 U3j) contains an information disclosure vulnerability due to the logging of credentials in plain-text for virtual machines deployed through OVF. A malicious user with access to the log files containi...
Vmware Vcenter Server 6.0
Vmware Vcenter Server 6.7
Vmware Vcenter Server 6.5
5
CVSSv2
CVE-2015-1047
vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 before u2 allows remote malicious users to cause a denial of service via a long heartbeat message.
Vmware Vcenter Server 5.5
Vmware Vcenter Server 5.0
Vmware Vcenter Server 5.1
6.8
CVSSv2
CVE-2017-4919
VMware vCenter Server 5.5, 6.0, 6.5 allows vSphere users with certain, limited vSphere privileges to use the VIX API to access Guest Operating Systems without the need to authenticate.
Vmware Vcenter Server 5.5
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-36920
buffer overflow
CVE-2024-36913
CVE-2024-5497
CVE-2024-23917
CVE-2024-4956
server-side request forgery
CVE-2024-35468
SSTI
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »