Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware vulnerabilities and exploits
(subscribe to this query)
801
VMScore
CVE-2008-2097
Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."
Vmware Esx 3.5
Vmware Esxi 3.5
790
VMScore
CVE-2022-22956
VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framewor...
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware Vrealize Automation
Vmware Vrealize Automation 7.6
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Workspace One Access 21.08.0.1
1 Metasploit module
761
VMScore
CVE-2022-22960
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.
Vmware Cloud Foundation
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware Vrealize Automation
Vmware Vrealize Automation 7.6
Vmware Vrealize Suite Lifecycle Manager
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Workspace One Access 21.08.0.1
1 Article
757
VMScore
CVE-2017-4901
The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion.
Vmware Workstation 12.5.2
Vmware Workstation 12.5.3
Vmware Fusion 8.5.2
Vmware Fusion 8.5.1
Vmware Workstation 12.0.1
Vmware Workstation 12.0
Vmware Fusion 8.1.0
Vmware Fusion 8.0.2
Vmware Workstation 12.1
Vmware Workstation 12.1.1
Vmware Fusion 8.5.0
Vmware Fusion 8.1.1
Vmware Workstation 12.5
Vmware Workstation 12.5.1
Vmware Fusion 8.5.4
Vmware Fusion 8.5.3
Vmware Fusion 8.0.1
Vmware Fusion 8.0.0
1 EDB exploit
6 Github repositories
756
VMScore
CVE-2016-1301
The RBAC implementation in Cisco ASA-CX Content-Aware Security software prior to 9.3.1.1(112) and Cisco Prime Security Manager (PRSM) software prior to 9.3.1.1(112) allows remote authenticated users to change arbitrary passwords via a crafted HTTP request, aka Bug ID CSCuo94842.
Cisco Asa Cx Context-aware Security Software 9.1.3-10
Cisco Asa Cx Context-aware Security Software 9.1.2-42
Cisco Asa Cx Context-aware Security Software 9.1.2-29
Cisco Prime Security Manager 9.0.1-40
Cisco Prime Security Manager 9.0.2-68
Cisco Prime Security Manager 9.1.3-13
Cisco Prime Security Manager 9.2.1-1
Cisco Asa Cx Context-aware Security Software 9.1.3-8
Cisco Asa Cx Context-aware Security Software 9.1.3-13
Cisco Asa Cx Context-aware Security Software 9.0.1
Cisco Prime Security Manager 9.0.0
Cisco Prime Security Manager 9.1.3-8
Cisco Prime Security Manager 9.1.3-10
Cisco Asa Cx Context-aware Security Software 9.2.1-4
Cisco Asa Cx Context-aware Security Software 9.2.1-3
Cisco Asa Cx Context-aware Security Software 9.0 Base
Cisco Asa Cx Context-aware Security Software 9.0.2-68
Cisco Prime Security Manager 9.1.0
Cisco Prime Security Manager 9.2.0
Cisco Prime Security Manager 9.2.1-2
Cisco Asa Cx Context-aware Security Software 9.2.1-2
Cisco Asa Cx Context-aware Security Software 9.2.1-1
756
VMScore
CVE-2010-1141
VMware Tools in VMware Workstation 6.5.x prior to 6.5.4 build 246459; VMware Player 2.5.x prior to 2.5.4 build 246459; VMware ACE 2.5.x prior to 2.5.4 build 246459; VMware Server 2.x prior to 2.0.2 build 203138; VMware Fusion 2.x prior to 2.0.6 build 246742; VMware ESXi 3.5 and 4...
Vmware Workstation 6.5.2
Vmware Workstation 6.5.3
Vmware Workstation 6.5.0
Vmware Workstation 6.5.1
Vmware Player 2.5.3
Vmware Player 2.5.1
Vmware Player 2.5.2
Vmware Player 2.5
Vmware Ace 2.5.2
Vmware Ace 2.5.0
Vmware Ace 2.5.1
Vmware Ace 2.5.3
Vmware Server 2.0.2
Vmware Server 2.0.1
Vmware Server 2.0.0
Vmware Fusion 3.0
Vmware Fusion 2.0.5
Vmware Fusion 2.0
Vmware Fusion 2.0.3
Vmware Fusion 2.0.4
Vmware Fusion 2.0.1
Vmware Fusion 2.0.2
756
VMScore
CVE-2010-1142
VMware Tools in VMware Workstation 6.5.x prior to 6.5.4 build 246459; VMware Player 2.5.x prior to 2.5.4 build 246459; VMware ACE 2.5.x prior to 2.5.4 build 246459; VMware Server 2.x prior to 2.0.2 build 203138; VMware Fusion 2.x prior to 2.0.6 build 246742; VMware ESXi 3.5 and 4...
Vmware Workstation 6.5.0
Vmware Workstation 6.5.3
Vmware Workstation 6.5.1
Vmware Workstation 6.5.2
Vmware Player 2.5
Vmware Player 2.5.3
Vmware Player 2.5.1
Vmware Player 2.5.2
Vmware Ace 2.5.3
Vmware Ace 2.5.0
Vmware Ace 2.5.1
Vmware Ace 2.5.2
Vmware Server 2.0.0
Vmware Server 2.0.2
Vmware Server 2.0.1
Vmware Fusion 2.0.5
Vmware Fusion 2.0
Vmware Fusion 3.0
Vmware Fusion 2.0.1
Vmware Fusion 2.0.2
Vmware Fusion 2.0.3
Vmware Fusion 2.0.4
755
VMScore
CVE-2017-4914
VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploitation of this issue may allow a remote malicious user to execute commands on the appliance.
Vmware Vsphere Data Protection 5.5.6
Vmware Vsphere Data Protection 5.5.7
Vmware Vsphere Data Protection 5.8.2
Vmware Vsphere Data Protection 5.8.3
Vmware Vsphere Data Protection 6.1.1
Vmware Vsphere Data Protection 6.1.2
Vmware Vsphere Data Protection 5.5.10
Vmware Vsphere Data Protection 5.5.11
Vmware Vsphere Data Protection 6.0.1
Vmware Vsphere Data Protection 6.0.2
Vmware Vsphere Data Protection 6.0.3
Vmware Vsphere Data Protection 5.5.8
Vmware Vsphere Data Protection 5.5.9
Vmware Vsphere Data Protection 5.8.4
Vmware Vsphere Data Protection 6.0.0
Vmware Vsphere Data Protection 6.1.3
Vmware Vsphere Data Protection 5.5.1
Vmware Vsphere Data Protection 5.5.5
Vmware Vsphere Data Protection 5.8.0
Vmware Vsphere Data Protection 5.8.1
Vmware Vsphere Data Protection 6.0.4
Vmware Vsphere Data Protection 6.1.0
1 EDB exploit
755
VMScore
CVE-2013-3520
VMware vCenter Chargeback Manager (aka CBM) prior to 2.5.1 does not proper handle uploads, which allows remote malicious users to execute arbitrary code via unspecified vectors.
Vmware Vcenter Chargeback Manager 1.6.0
Vmware Vcenter Chargeback Manager 1.6.2
Vmware Vcenter Chargeback Manager 2.0.0
Vmware Vcenter Chargeback Manager
Vmware Vcenter Chargeback Manager 2.0.1
Vmware Vcenter Chargeback Manager 1.6.1
Vmware Vcenter Chargeback Manager 1.5.0
1 EDB exploit
755
VMScore
CVE-2010-1205
Buffer overflow in pngpread.c in libpng prior to 1.2.44 and 1.4.x prior to 1.4.3, as used in progressive applications, might allow remote malicious users to execute arbitrary code via a PNG image that triggers an additional data row.
Libpng Libpng
Google Chrome
Apple Itunes
Apple Safari
Apple Iphone Os
Apple Mac Os X Server
Apple Mac Os X
Fedoraproject Fedora 13
Fedoraproject Fedora 12
Suse Linux Enterprise Server 10
Opensuse Opensuse 11.1
Suse Linux Enterprise Server 11
Suse Linux Enterprise Server 9
Opensuse Opensuse 11.2
Vmware Player
Vmware Workstation
Canonical Ubuntu Linux 9.04
Canonical Ubuntu Linux 9.10
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 6.06
Debian Debian Linux 5.0
1 EDB exploit
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »