VYPR

Esx

by VMware

CVEs (93)

  • CVE-2007-5671Jun 5, 2008
    risk 0.00cvss epss 0.00

    HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments…

  • CVE-2008-2097Jun 5, 2008
    risk 0.00cvss epss 0.04

    Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."

  • CVE-2008-0967Jun 5, 2008
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware…

  • CVE-2008-2100Jun 5, 2008
    risk 0.00cvss epss 0.01

    Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary…

  • CVE-2007-1271Apr 6, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in VMware ESX Server 3.0.0 and 3.0.1 might allow attackers to gain privileges or cause a denial of service (application crash) via unspecified vectors.

  • CVE-2007-1270Apr 6, 2007
    risk 0.00cvss epss 0.03

    Double free vulnerability in VMware ESX Server 3.0.0 and 3.0.1 allows attackers to cause a denial of service (crash), obtain sensitive information, or possibly execute arbitrary code via unspecified vectors.

  • CVE-2006-3589Jul 21, 2006
    risk 0.00cvss epss 0.00

    vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.

  • CVE-2005-3618Dec 31, 2005
    risk 0.00cvss epss 0.03

    Cross-site request forgery (CSRF) vulnerability in the management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 allows allows remote attackers to perform unauthorized actions as the administrator via URLs, as…

  • CVE-2005-4773Dec 31, 2005
    risk 0.00cvss epss 0.00

    The configuration of VMware ESX Server 2.x, 2.0.x, 2.1.x, and 2.5.x allows local users to cause a denial of service (shutdown) via the (1) halt, (2) poweroff, and (3) reboot scripts executed at the service console.

  • CVE-2005-3620Dec 31, 2005
    risk 0.00cvss epss 0.00

    The management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 records passwords in cleartext in URLs that are stored in world-readable web server log files, which allows local users to gain privileges.

  • CVE-2005-3619Dec 31, 2005
    risk 0.00cvss epss 0.01

    Cross-site scripting (XSS) vulnerability in the management interface for VMware ESX 2.5.x before 2.5.2 upgrade patch 2, 2.1.x before 2.1.2 upgrade patch 6, and 2.0.x before 2.0.1 upgrade patch 6 allows remote attackers to inject arbitrary web script or HTML via messages that are…

  • CVE-2005-4583Dec 29, 2005
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in the Management Interface in VMware ESX Server 2.x up to 2.5.x before 24 December 2005 allows "remote code execution in the Web browser" via unspecified attack vectors, probably related to cross-site scripting (XSS).

  • CVE-2003-1291Dec 31, 2003
    risk 0.00cvss epss 0.00

    VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables.

Page 5 of 5