Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vcenter server vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2019-5492
Element Plug-in for vCenter Server versions before 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions before 1.4P2 bundle affected versions of Element Plug-in for vCenter Server.
Netapp Hyper Converged Infrastructure Compute Node
Netapp Element Plug-in For Vcenter Server
445
VMScore
CVE-2017-4927
VMware vCenter Server (6.5 before 6.5 U1 and 6.0 before 6.0 U3c) does not correctly handle specially crafted LDAP network packets which may allow for remote denial of service.
Vmware Vcenter Server
445
VMScore
CVE-2017-4928
The flash-based vSphere Web Client (6.0 before 6.0 U3c and 5.5 before 5.5 U3f) i.e. not the new HTML5-based vSphere Client, contains SSRF and CRLF injection issues due to improper neutralization of URLs. An attacker may exploit these issues by sending a POST request with modified...
Vmware Vcenter Server 6.0
Vmware Vcenter Server 5.5
445
VMScore
CVE-2017-4923
VMware vCenter Server (6.5 before 6.5 U1) contains an information disclosure vulnerability. This issue may allow plaintext credentials to be obtained when using the vCenter Server Appliance file-based backup feature.
Vmware Vcenter Server 6.5
445
VMScore
CVE-2017-4917
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained.
Vmware Vsphere Data Protection 5.8.2
Vmware Vsphere Data Protection 5.5.10
Vmware Vsphere Data Protection 6.1.0
Vmware Vsphere Data Protection 6.0.3
Vmware Vsphere Data Protection 6.0.1
Vmware Vsphere Data Protection 6.1.3
Vmware Vsphere Data Protection 5.5.7
Vmware Vsphere Data Protection 5.8.4
Vmware Vsphere Data Protection 5.5.11
Vmware Vsphere Data Protection 5.8.1
Vmware Vsphere Data Protection 6.1.1
Vmware Vsphere Data Protection 5.8.3
Vmware Vsphere Data Protection 5.5.6
Vmware Vsphere Data Protection 5.5.9
Vmware Vsphere Data Protection 6.0.0
Vmware Vsphere Data Protection 6.0.4
Vmware Vsphere Data Protection 6.1.2
Vmware Vsphere Data Protection 5.5.5
Vmware Vsphere Data Protection 5.5.8
Vmware Vsphere Data Protection 6.0.2
Vmware Vsphere Data Protection 5.8.0
445
VMScore
CVE-2016-7458
VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote vCenter Server and ESXi instances to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML External Entity (XXE) issue.
Vmware Vsphere Client 5.5
Vmware Vsphere Client 6.0
445
VMScore
CVE-2015-1047
vpxd in VMware vCenter Server 5.0 before u3e, 5.1 before u3, and 5.5 before u2 allows remote malicious users to cause a denial of service via a long heartbeat message.
Vmware Vcenter Server 5.0
Vmware Vcenter Server 5.5
Vmware Vcenter Server 5.1
437
VMScore
CVE-2009-1072
nfsd in the Linux kernel prior to 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option.
Linux Linux Kernel
Opensuse Opensuse 11.1
Opensuse Opensuse 11.0
Opensuse Opensuse 10.3
Suse Linux Enterprise Server 10
Suse Linux Enterprise Desktop 10
Debian Debian Linux 5.0
Debian Debian Linux 4.0
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Vmware Vcenter Server 4.0
Vmware Virtualcenter 2.0.2
Vmware Virtualcenter 2.5
Vmware Server 2.0.0
Vmware Esx 3.5
Vmware Esx 4.0
Vmware Esx 3.0.3
Vmware Vma 4.0
409
VMScore
CVE-2021-21991
The vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. A malicious actor with non-administrative user access on vCenter Server host may exploit this issue to escalate privileges to Administrator on the vSphere Client (HTML...
Vmware Vcenter Server 6.5
Vmware Vcenter Server 6.7
Vmware Vcenter Server 7.0
Vmware Cloud Foundation
392
VMScore
CVE-2013-5973
VMware ESXi 4.0 up to and including 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a (1) -flat, (2) -rdm, or (3) -rdmp ...
Vmware Esx 4.1
Vmware Esx 4.0
Vmware Esxi 4.1
Vmware Esxi 4.0
Vmware Esxi 5.1
Vmware Esxi 5.0
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
path traversal
CVE-2024-33545
CVE-2024-35725
CVE-2024-32704
overflow
file upload
CVE-2024-0230
CVE-2024-32705
CVE-2024-23692
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »