Skip to main content

Esx

23 CVEs product

Monthly

CVE-2014-1208 LOW Monitor

VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

VMware Denial Of Service ESXi Fusion Player +2
NVD
CVSS 2.0
3.3
EPSS
0.2%
CVE-2014-1207 MEDIUM This Month

VMware ESXi 4.0 through 5.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (NULL pointer dereference) by intercepting and modifying Network File Copy (NFC) traffic. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

VMware Denial Of Service ESXi Esx
NVD
CVSS 2.0
4.3
EPSS
1.3%
CVE-2013-5973 MEDIUM This Month

VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter. Rated medium severity (CVSS 4.4). No vendor patch available.

Privilege Escalation VMware Esx ESXi
NVD
CVSS 2.0
4.4
EPSS
0.0%
CVE-2013-3519 HIGH This Week

lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows. Rated high severity (CVSS 7.9). No vendor patch available.

Privilege Escalation VMware Microsoft ESXi Workstation +3
NVD
CVSS 2.0
7.9
EPSS
0.2%
CVE-2013-5970 HIGH This Week

hostd-vmdb in VMware ESXi 4.0 through 5.0 and ESX 4.0 through 4.1 allows remote attackers to cause a denial of service (hostd-vmdb service outage) by modifying management traffic. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

VMware Denial Of Service Esx ESXi
NVD
CVSS 2.0
7.1
EPSS
0.8%
CVE-2013-3658 CRITICAL Act Now

Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Path Traversal Esx ESXi
NVD
CVSS 2.0
9.4
EPSS
0.6%
CVE-2013-3657 HIGH This Week

Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow VMware Denial Of Service RCE Esx +1
NVD
CVSS 2.0
7.5
EPSS
1.3%
CVE-2013-1661 MEDIUM This Month

VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

VMware Denial Of Service Esx ESXi
NVD
CVSS 2.0
4.3
EPSS
0.4%
CVE-2013-1405 CRITICAL Act Now

VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass VMware Denial Of Service Buffer Overflow RCE +6
NVD
CVSS 2.0
10.0
EPSS
0.9%
CVE-2013-1406 HIGH POC This Week

The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

VMware Information Disclosure Microsoft Workstation Fusion +3
NVD Exploit-DB
CVSS 2.0
7.2
EPSS
0.7%
CVE-2012-5703 MEDIUM This Month

The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers to cause a denial of service (host daemon crash) via an invalid value in a (1) RetrieveProp or (2) RetrievePropEx SOAP request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Denial Of Service Esx ESXi
NVD
CVSS 2.0
5.0
EPSS
1.0%
CVE-2012-1666 MEDIUM POC This Month

Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

VMware Information Disclosure Workstation Player Fusion +2
NVD Exploit-DB
CVSS 2.0
6.9
EPSS
0.2%
CVE-2012-3289 HIGH This Week

VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash). Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection VMware Denial Of Service RCE Workstation +3
NVD
CVSS 2.0
7.8
EPSS
0.6%
CVE-2012-3288 CRITICAL Act Now

VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow VMware Denial Of Service RCE Workstation +4
NVD
CVSS 2.0
9.3
EPSS
1.7%
CVE-2012-2450 CRITICAL Act Now

VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Denial Of Service RCE Workstation Player +3
NVD
CVSS 2.0
9.0
EPSS
1.3%
CVE-2012-2449 CRITICAL Act Now

VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow VMware Denial Of Service RCE Workstation +4
NVD
CVSS 2.0
9.0
EPSS
2.0%
CVE-2012-2448 HIGH This Week

VMware ESXi 3.5 through 5.0 and ESX 3.5 through 4.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via NFS traffic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow VMware Denial Of Service RCE ESXi +1
NVD
CVSS 2.0
7.5
EPSS
2.1%
CVE-2012-1517 CRITICAL Act Now

The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow VMware Denial Of Service RCE Esx +1
NVD
CVSS 2.0
9.0
EPSS
1.3%
CVE-2012-1516 CRITICAL Act Now

The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow VMware Denial Of Service RCE Esx +1
NVD
CVSS 3.1
9.9
EPSS
1.2%
CVE-2012-1518 HIGH This Week

VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation VMware Workstation Player Fusion +2
NVD
CVSS 2.0
8.3
EPSS
0.9%
CVE-2012-1515 HIGH This Week

VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation VMware ESXi Esx
NVD
CVSS 2.0
8.3
EPSS
0.3%
CVE-2012-1510 HIGH This Week

Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow VMware Esx View ESXi
NVD
CVSS 2.0
7.2
EPSS
0.1%
CVE-2012-1508 HIGH This Week

The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation VMware Denial Of Service Esx View +1
NVD
CVSS 2.0
7.2
EPSS
0.1%
EPSS 0% CVSS 3.3
LOW Monitor

VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of. Rated low severity (CVSS 3.3), this vulnerability is low attack complexity. No vendor patch available.

VMware Denial Of Service ESXi +4
NVD
EPSS 1% CVSS 4.3
MEDIUM This Month

VMware ESXi 4.0 through 5.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (NULL pointer dereference) by intercepting and modifying Network File Copy (NFC) traffic. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

VMware Denial Of Service ESXi +1
NVD
EPSS 0% CVSS 4.4
MEDIUM This Month

VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter. Rated medium severity (CVSS 4.4). No vendor patch available.

Privilege Escalation VMware Esx +1
NVD
EPSS 0% CVSS 7.9
HIGH This Week

lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows. Rated high severity (CVSS 7.9). No vendor patch available.

Privilege Escalation VMware Microsoft +5
NVD
EPSS 1% CVSS 7.1
HIGH This Week

hostd-vmdb in VMware ESXi 4.0 through 5.0 and ESX 4.0 through 4.1 allows remote attackers to cause a denial of service (hostd-vmdb service outage) by modifying management traffic. Rated high severity (CVSS 7.1), this vulnerability is remotely exploitable. No vendor patch available.

VMware Denial Of Service Esx +1
NVD
EPSS 1% CVSS 9.4
CRITICAL Act Now

Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors. Rated critical severity (CVSS 9.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Path Traversal Esx +1
NVD
EPSS 1% CVSS 7.5
HIGH This Week

Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow VMware Denial Of Service +3
NVD
EPSS 0% CVSS 4.3
MEDIUM This Month

VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable. No vendor patch available.

VMware Denial Of Service Esx +1
NVD
EPSS 1% CVSS 10.0
CRITICAL Act Now

VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi. Rated critical severity (CVSS 10.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Authentication Bypass VMware Denial Of Service +8
NVD
EPSS 1% CVSS 7.2
HIGH POC This Week

The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. Public exploit code available and no vendor patch available.

VMware Information Disclosure Microsoft +5
NVD Exploit-DB
EPSS 1% CVSS 5.0
MEDIUM This Month

The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers to cause a denial of service (host daemon crash) via an invalid value in a (1) RetrieveProp or (2) RetrievePropEx SOAP request. Rated medium severity (CVSS 5.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Denial Of Service Esx +1
NVD
EPSS 0% CVSS 6.9
MEDIUM POC This Month

Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3. Rated medium severity (CVSS 6.9). Public exploit code available and no vendor patch available.

VMware Information Disclosure Workstation +4
NVD Exploit-DB
EPSS 1% CVSS 7.8
HIGH This Week

VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash). Rated high severity (CVSS 7.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Code Injection VMware Denial Of Service +5
NVD
EPSS 2% CVSS 9.3
CRITICAL Act Now

VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through. Rated critical severity (CVSS 9.3), this vulnerability is remotely exploitable. No vendor patch available.

Buffer Overflow VMware Denial Of Service +6
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices,. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

VMware Denial Of Service RCE +5
NVD
EPSS 2% CVSS 9.0
CRITICAL Act Now

VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow VMware Denial Of Service +6
NVD
EPSS 2% CVSS 7.5
HIGH This Week

VMware ESXi 3.5 through 5.0 and ESX 3.5 through 4.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via NFS traffic. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow VMware Denial Of Service +3
NVD
EPSS 1% CVSS 9.0
CRITICAL Act Now

The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute. Rated critical severity (CVSS 9.0), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow VMware Denial Of Service +3
NVD
EPSS 1% CVSS 9.9
CRITICAL Act Now

The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process. Rated critical severity (CVSS 9.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Buffer Overflow VMware Denial Of Service +3
NVD
EPSS 1% CVSS 8.3
HIGH This Week

VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation VMware Workstation +4
NVD
EPSS 0% CVSS 8.3
HIGH This Week

VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in. Rated high severity (CVSS 8.3), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation VMware ESXi +1
NVD
EPSS 0% CVSS 7.2
HIGH This Week

Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Buffer Overflow VMware Esx +2
NVD
EPSS 0% CVSS 7.2
HIGH This Week

The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL. Rated high severity (CVSS 7.2), this vulnerability is low attack complexity. No vendor patch available.

Privilege Escalation VMware Denial Of Service +3
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy