Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vulnerabilities and exploits
(subscribe to this query)
294
VMScore
CVE-2015-1044
vmware-authd (aka the Authorization process) in VMware Workstation 10.x prior to 10.0.5, VMware Player 6.x prior to 6.0.5, and VMware ESXi 5.0 up to and including 5.5 allows malicious users to cause a host OS denial of service via unspecified vectors.
Vmware Workstation 10.0.3
Vmware Workstation 10.0.4
Vmware Workstation 10.0
Vmware Workstation 10.0.1
Vmware Workstation 10.0.2
Vmware Esxi 5.0
Vmware Esxi 5.5
Vmware Esxi 5.1
Vmware Player 6.0
Vmware Player 6.0.1
Vmware Player 6.0.2
Vmware Player 6.0.3
Vmware Player 6.0.4
739
VMScore
CVE-2012-5458
VMware Workstation 8.x prior to 8.0.5 and VMware Player 4.x prior to 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application.
Vmware Workstation 8.0.4
Vmware Workstation 8.0.2
Vmware Player 4.0.2
Vmware Player 4.0.1
Vmware Workstation 8.0.3
Vmware Player 4.0.3
Vmware Workstation 8.0.1
Vmware Workstation 8.0
Vmware Player 4.0.0.18997
Vmware Player 4.0.4
Vmware Workstation 8.0.0.18997
Vmware Workstation 8.0.1.27038
Vmware Player 4.0
312
VMScore
CVE-2018-6957
VMware Workstation (14.x prior to 14.1.1, 12.x) and Fusion (10.x prior to 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must...
Vmware Workstation Pro 12.1.1
Vmware Workstation Pro 12.5
Vmware Workstation Pro 12.5.1
Vmware Workstation Pro 12.5.2
Vmware Workstation Pro 12.5.7
Vmware Workstation Pro
Vmware Workstation Pro 12.01
Vmware Workstation Pro 12.5.4
Vmware Workstation Pro 12.5.6
Vmware Workstation Pro 12.0
Vmware Workstation Pro 12.1
Vmware Workstation Pro 12.5.3
Vmware Workstation Pro 12.5.5
Vmware Workstation Player 12.5.1
Vmware Workstation Player 12.5.2
Vmware Workstation Player 12.5.3
Vmware Workstation Player 12.5.4
Vmware Workstation Player 12.5.5
Vmware Workstation Player 12.0
Vmware Workstation Player 12.0.1
Vmware Workstation Player 12.1.1
Vmware Workstation Player 12.5.6
614
VMScore
CVE-2008-4915
The CPU hardware emulation in VMware Workstation 6.0.5 and previous versions and 5.5.8 and previous versions; Player 2.0.x up to and including 2.0.5 and 1.0.x up to and including 1.0.8; ACE 2.0.x up to and including 2.0.5 and previous versions, and 1.0.x up to and including 1.0.7...
Vmware Workstation
Vmware Player
Vmware Esx
Vmware Esxi 3.5
Vmware Ace
Vmware Server
320
VMScore
CVE-2006-3589
vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.
Vmware Esx 2.1.1
Vmware Esx 2.1.2
Vmware Esx 2.1
Vmware Server 1.0.1 Build 29996
Vmware Workstation 5.5.3
Vmware Esx 2.0.1
Vmware Infrastructure 3
Vmware Player
Vmware Esx 2.0
Vmware Esx 2.5
Vmware Esx 2.5.2
725
VMScore
CVE-2009-3281
The vmx86 kernel extension in VMware Fusion prior to 2.0.6 build 196839 does not use correct file permissions, which allows host OS users to gain privileges on the host OS via unspecified vectors.
Vmware Fusion 1.1.2
Vmware Fusion 1.1.1
Vmware Fusion 1.1
Vmware Fusion 1.0
Vmware Fusion 2.0.3
Vmware Fusion 2.0.1
Vmware Fusion 1.1.3
Vmware Fusion 2.0.4
Vmware Fusion
Vmware Fusion 2.0.2
Vmware Fusion 2.0
1 EDB exploit
694
VMScore
CVE-2009-3282
Integer overflow in the vmx86 kernel extension in VMware Fusion prior to 2.0.6 build 196839 allows host OS users to cause a denial of service to the host OS via unspecified vectors.
Vmware Fusion 2.0
Vmware Fusion 1.1.3
Vmware Fusion 1.1.2
Vmware Fusion 1.1.1
Vmware Fusion
Vmware Fusion 2.0.2
Vmware Fusion 1.0
Vmware Fusion 2.0.4
Vmware Fusion 2.0.3
Vmware Fusion 2.0.1
Vmware Fusion 1.1
NA
CVE-2022-31656
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain an authentication bypass vulnerability affecting local domain users. A malicious actor with network access to the UI may be able to obtain administrative access without the need to authenticate.
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware One Access 21.08.0.0
Vmware One Access 21.08.0.1
Vmware Access Connector 21.08.0.0
Vmware Access Connector 21.08.0.1
Vmware Access Connector 22.05
Vmware Identity Manager Connector 3.3.4
Vmware Identity Manager Connector 3.3.5
Vmware Identity Manager Connector 3.3.6
Vmware Identity Manager Connector 19.03.0.1
1 Article
NA
CVE-2022-31657
VMware Workspace ONE Access and Identity Manager contain a URL injection vulnerability. A malicious actor with network access may be able to redirect an authenticated user to an arbitrary domain.
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware One Access 21.08.0.0
Vmware One Access 21.08.0.1
Vmware Access Connector 21.08.0.0
Vmware Access Connector 21.08.0.1
Vmware Access Connector 22.05
Vmware Identity Manager Connector 3.3.4
Vmware Identity Manager Connector 3.3.5
Vmware Identity Manager Connector 3.3.6
Vmware Identity Manager Connector 19.03.0.1
NA
CVE-2022-31658
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a remote code execution vulnerability. A malicious actor with administrator and network access can trigger a remote code execution.
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware One Access 21.08.0.1
Vmware One Access 21.08.0.0
Vmware Identity Manager Connector 3.3.4
Vmware Identity Manager Connector 3.3.5
Vmware Identity Manager Connector 3.3.6
Vmware Identity Manager Connector 19.03.0.1
Vmware Access Connector 21.08.0.1
Vmware Access Connector 21.08.0.0
Vmware Access Connector 22.05
1 Article
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-3380
CVE-2024-1694
local file inclusion
CVE-2024-5645
CVE-2024-24919
XSS
CVE-2024-36774
CVE-2024-21306
SQL
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »