Filtered by vendor Vmware
Subscriptions
Filtered by product Esxi
Subscriptions
Total
146 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2013-1659 | 1 Vmware | 3 Esxi, Vcenter Server, Vcenter Server Appliance | 2025-04-11 | N/A |
| VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream. | ||||
| CVE-2010-1142 | 2 Microsoft, Vmware | 8 Windows, Ace, Esx and 5 more | 2025-04-11 | N/A |
| VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly load VMware programs, which might allow Windows guest OS users to gain privileges by placing a Trojan horse program at an unspecified location on the guest OS disk. | ||||
| CVE-2013-1406 | 2 Microsoft, Vmware | 6 Windows, Esx, Esxi and 3 more | 2025-04-11 | N/A |
| The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors. | ||||
| CVE-2012-1515 | 1 Vmware | 2 Esx, Esxi | 2025-04-11 | N/A |
| VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine. | ||||
| CVE-2013-3519 | 1 Vmware | 5 Esx, Esxi, Fusion and 2 more | 2025-04-11 | N/A |
| lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs a crafted memory allocation. | ||||
| CVE-2011-2145 | 3 Freebsd, Oracle, Vmware | 7 Freebsd, Solaris, Esx and 4 more | 2025-04-11 | N/A |
| mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a "procedural error." | ||||
| CVE-2011-1789 | 1 Vmware | 3 Esx, Esxi, Vcenter | 2025-04-11 | N/A |
| The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, VMware ESXi 4.x before 4.1 Update 1, and VMware ESX 4.x before 4.1 Update 1 does not have a digital signature, which might make it easier for remote attackers to spoof the software distribution via a Trojan horse installer. | ||||
| CVE-2011-1787 | 1 Vmware | 5 Esx, Esxi, Fusion and 2 more | 2025-04-11 | N/A |
| Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory. | ||||
| CVE-2010-4263 | 3 Linux, Redhat, Vmware | 4 Linux Kernel, Enterprise Linux, Esx and 1 more | 2025-04-11 | N/A |
| The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via a VLAN tagged frame. | ||||
| CVE-2010-0211 | 5 Apple, Openldap, Opensuse and 2 more | 6 Mac Os X, Mac Os X Server, Openldap and 3 more | 2025-04-11 | 9.8 Critical |
| The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. | ||||
| CVE-2013-3658 | 1 Vmware | 2 Esx, Esxi | 2025-04-11 | N/A |
| Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors. | ||||
| CVE-2013-3657 | 1 Vmware | 2 Esx, Esxi | 2025-04-11 | N/A |
| Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors. | ||||
| CVE-2010-1141 | 2 Microsoft, Vmware | 8 Windows, Ace, Esx and 5 more | 2025-04-11 | N/A |
| VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share. | ||||
| CVE-2013-1661 | 1 Vmware | 2 Esx, Esxi | 2025-04-11 | N/A |
| VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled exception and application crash) by modifying the client-server data stream. | ||||
| CVE-2013-5973 | 1 Vmware | 2 Esx, Esxi | 2025-04-11 | N/A |
| VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a (1) -flat, (2) -rdm, or (3) -rdmp filename. | ||||
| CVE-2012-2448 | 1 Vmware | 2 Esx, Esxi | 2025-04-11 | N/A |
| VMware ESXi 3.5 through 5.0 and ESX 3.5 through 4.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via NFS traffic. | ||||
| CVE-2012-2449 | 1 Vmware | 5 Esx, Esxi, Fusion and 2 more | 2025-04-11 | N/A |
| VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. | ||||
| CVE-2012-2450 | 1 Vmware | 5 Esx, Esxi, Fusion and 2 more | 2025-04-11 | N/A |
| VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. | ||||
| CVE-2012-3288 | 1 Vmware | 5 Esx, Esxi, Fusion and 2 more | 2025-04-11 | N/A |
| VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file. | ||||
| CVE-2012-5703 | 1 Vmware | 2 Esx, Esxi | 2025-04-11 | N/A |
| The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers to cause a denial of service (host daemon crash) via an invalid value in a (1) RetrieveProp or (2) RetrievePropEx SOAP request. | ||||