Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2019-19726
OpenBSD up to and including 6.6 allows local users to escalate to root because a check for LD_LIBRARY_PATH in setuid programs can be defeated by setting a very small RLIMIT_DATA resource limit. When executing chpass or passwd (which are setuid root), _dl_setup_env in ld.so tries ...
Openbsd Openbsd
1 Article
801
VMScore
CVE-2019-5515
VMware Workstation (15.x prior to 15.0.3, 14.x prior to 14.1.6) and Fusion (11.x prior to 11.0.3, 10.x prior to 10.1.6) updates address an out-of-bounds write vulnerability in the e1000 and e1000e virtual network adapters. Exploitation of this issue may lead to code execution on ...
Vmware Workstation
Vmware Fusion
801
VMScore
CVE-2019-5524
VMware Workstation (14.x prior to 14.1.6) and Fusion (10.x prior to 10.1.6) contain an out-of-bounds write vulnerability in the e1000 virtual network adapter. This issue may allow a guest to execute code on the host.
Vmware Fusion
Vmware Workstation
801
VMScore
CVE-2015-6335
The policy implementation in Cisco FireSIGHT Management Center 5.3.1.7, 5.4.0.4, and 6.0.0 for VMware allows remote authenticated administrators to bypass intended policy restrictions and execute Linux commands as root via unspecified vectors, aka Bug ID CSCuw12839.
Cisco Firesight System Software 5.4.0.4
Cisco Firesight System Software 6.0.0
Cisco Firesight System Software 5.3.1.7
801
VMScore
CVE-2014-8373
The VMware Remote Console (VMRC) function in VMware vCloud Automation Center (vCAC) 6.0.1 up to and including 6.1.1 allows remote authenticated users to gain privileges via vectors involving the "Connect (by) Using VMRC" function.
Vmware Vcloud Automation Center 6.1.1
Vmware Vcloud Automation Center 6.0.1.1
Vmware Vcloud Automation Center 6.0.1
Vmware Vcloud Automation Center 6.1
Vmware Vcloud Automation Center 6.0.1.2
801
VMScore
CVE-2014-3790
Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by escaping from a chroot jail.
Vmware Vcenter Server Appliance 5.5
Vmware Vcenter Server Appliance 5.1
801
VMScore
CVE-2013-3079
VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to execute arbitrary programs with root privileges by leveraging Virtual Appliance Management Interface (VAMI) access.
Vmware Vcenter Server Appliance 5.1
801
VMScore
CVE-2013-3080
VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of service, by leveraging Virtual Appliance Management Interface (VAMI) web-interface acc...
Vmware Vcenter Server Appliance 5.1
801
VMScore
CVE-2012-1516
The VMX process in VMware ESXi 3.5 up to and including 4.1 and ESX 3.5 up to and including 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS vi...
Vmware Esx 4.0
Vmware Esx 4.1
Vmware Esx 3.5
Vmware Esxi 4.0
Vmware Esxi 4.1
Vmware Esxi 3.5
801
VMScore
CVE-2012-2450
VMware Workstation 8.x prior to 8.0.3, VMware Player 4.x prior to 4.0.3, VMware Fusion 4.x prior to 4.1.2, VMware ESXi 3.5 up to and including 5.0, and VMware ESX 3.5 up to and including 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of s...
Vmware Workstation 8.0.1
Vmware Workstation 8.0
Vmware Workstation 8.0.2
Vmware Player 4.0.1
Vmware Player 4.0
Vmware Player 4.0.2
Vmware Fusion 4.1
Vmware Fusion 4.0
Vmware Fusion 4.1.1
Vmware Fusion 4.0.1
Vmware Fusion 4.0.2
Vmware Esxi 4.1
Vmware Esxi 4.0
Vmware Esxi 5.0
Vmware Esxi 3.5
Vmware Esx 4.0
Vmware Esx 4.1
Vmware Esx 3.5
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33572
CVE-2024-24919
CVE-2024-0230
CVE-2024-32714
HTML injection
local file inclusion
CVE-2024-31098
CVE-2024-31244
privilege
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »