VYPR

Esxi

by VMware

CVEs (139)

  • CVE-2010-0211CriJul 28, 2010
    risk 0.69cvss 9.8epss 0.29

    The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN…

  • CVE-2010-3904HigKEVDec 6, 2010
    risk 0.67cvss 7.8epss 0.11

    The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the…

  • CVE-2012-1516CriMay 4, 2012
    risk 0.65cvss 9.9epss 0.03

    The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving…

  • CVE-2021-21974HigFeb 24, 2021
    risk 0.62cvss 8.8epss 0.45

    OpenSLP as used in ESXi (7.0 before ESXi70U1c-17325551, 6.7 before ESXi670-202102401-SG, 6.5 before ESXi650-202102101-SG) has a heap-overflow vulnerability. A malicious actor residing within the same network segment as ESXi who has access to port 427 may be able to trigger the…

  • CVE-2025-41237CriJul 15, 2025
    risk 0.60cvss 9.3epss 0.00

    VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the…

  • CVE-2025-41236CriJul 15, 2025
    risk 0.60cvss 9.3epss 0.02

    VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrative privileges on a virtual machine with VMXNET3 virtual network adapter may exploit this issue to execute code on the…

  • CVE-2017-16544HigNov 20, 2017
    risk 0.58cvss 8.8epss 0.06

    In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the terminal. This could potentially…

  • CVE-2025-62624HigMay 13, 2026
    risk 0.57cvss epss 0.00

    A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

  • CVE-2025-62623HigMay 13, 2026
    risk 0.57cvss epss 0.00

    A heap-based buffer overflow in the ionic cloud driver for VMware ESXi could allow an attacker to achieve privilege escalation, potentially resulting in arbitrary code execution.

  • CVE-2017-4941HigDec 20, 2017
    risk 0.57cvss 8.8epss 0.03

    VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successful…

  • CVE-2017-4933HigDec 20, 2017
    risk 0.57cvss 8.8epss 0.04

    VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption.…

  • CVE-2017-4924HigSep 15, 2017
    risk 0.57cvss 8.8epss 0.01

    VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host.

  • CVE-2017-4904HigJun 7, 2017
    risk 0.57cvss 8.8epss 0.00

    The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x…

  • CVE-2017-4903HigJun 7, 2017
    risk 0.57cvss 8.8epss 0.00

    VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and…

  • CVE-2017-4902HigJun 7, 2017
    risk 0.57cvss 8.8epss 0.01

    VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host.

  • CVE-2016-5330HigAug 8, 2016
    risk 0.55cvss 7.8epss 0.18

    Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local…

  • CVE-2009-2698HigAug 27, 2009
    risk 0.54cvss 7.8epss 0.07

    The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE…

  • CVE-2018-6967HigJul 9, 2018
    risk 0.53cvss 8.1epss 0.02

    VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers…

  • CVE-2018-6966HigJul 9, 2018
    risk 0.53cvss 8.1epss 0.02

    VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers…

  • CVE-2018-6965HigJul 9, 2018
    risk 0.53cvss 8.1epss 0.03

    VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers…

Page 1 of 7