Vendor: VMware

VMware LLC is an American cloud computing and virtualization technology company headquartered in Palo Alto, California, U.S. On November 22, 2023, Broadcom acquired VMware in a cash-and-stock transaction valued at $69 billion, with the End-User Computing division of VMware then sold to KKR and rebranded to Omnissa. VMware was the first commercially successful company to virtualize the x86 architecture.

Founded: 1998
Products: 81
CVEs: 439 (4,251 across products)
Status: Private
Products (81), by CVE count
- 799 CVEs
- 679 CVEs
- 447 CVEs
- 287 CVEs
- 267 CVEs
- 212 CVEs
- 202 CVEs
- 179 CVEs
- 147 CVEs
- 102 CVEs
- 84 CVEs
- 73 CVEs
- 71 CVEs
- 62 CVEs
- 52 CVEs
- 50 CVEs
- 49 CVEs
- 41 CVEs
- 40 CVEs
- 26 CVEs
- 26 CVEs
- 24 CVEs
- 21 CVEs
- 20 CVEs
- 19 CVEs
- 16 CVEs
- 15 CVEs
- 15 CVEs
- 14 CVEs
- 14 CVEs
- 51 more (see the CVE list below for full coverage)
Recent CVEs (439)

| CVE | Severity | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-7169 | Critical | 0.86 | 9.8 | 0.89 | KEV | Sep 25, 2014 | GNU Bash through 4.3 bash43-025 processes trailing strings after certain malformed function definitions in the values of environment variables, which allows remote attackers to write to files or possibly have unknown other impact via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution. NOTE: this vulnerability exists because of an incomplete fix for CVE-2014-6271. |
| CVE-2014-6271 | Critical | 0.86 | 9.8 | 0.94 | KEV | Sep 24, 2014 | GNU Bash through 4.3 processes trailing strings after function definitions in the values of environment variables, which allows remote attackers to execute arbitrary code via a crafted environment, as demonstrated by vectors involving the ForceCommand feature in OpenSSH sshd, the mod_cgi and mod_cgid modules in the Apache HTTP Server, scripts executed by unspecified DHCP clients, and other situations in which setting the environment occurs across a privilege boundary from Bash execution, aka "ShellShock." NOTE: the original fix for this issue was incorrect; CVE-2014-7169 has been assigned to cover the vulnerability that is still present after the incorrect fix. |
| CVE-2016-7456 | Critical | 0.73 | 9.8 | 0.82 | | Dec 29, 2016 | VMware vSphere Data Protection (VDP) 5.5.x through 6.1.x has an SSH private key with a publicly known password, which makes it easier for remote attackers to obtain login access via an SSH session. |
| CVE-2010-0211 | Critical | 0.70 | 9.8 | 0.43 | | Jul 28, 2010 | The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. |
| CVE-2017-4901 | Critical | 0.68 | 9.9 | 0.14 | | Jun 8, 2017 | The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion. |
| CVE-2017-4914 | Critical | 0.68 | 9.8 | 0.13 | | Jun 7, 2017 | VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x contains a deserialization issue. Exploitation of this issue may allow a remote attacker to execute commands on the appliance. |
| CVE-2010-1205 | Critical | 0.68 | 9.8 | 0.15 | | Jun 30, 2010 | Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. |
| CVE-2026-31431 | High | 0.66 | 7.8 | 0.03 | KEV | Apr 22, 2026 | In the Linux kernel, the following vulnerability has been resolved: crypto: algif_aead - Revert to operating out-of-place. This mostly reverts commit 72548b093ee3 except for the copying of the associated data. There is no benefit in operating in-place in algif_aead since the source and destination come from different mappings. Get rid of all the complexity added for in-place operation and just copy the AD directly. |
| CVE-2010-3904 | High | 0.66 | 7.8 | 0.02 | KEV | Dec 6, 2010 | The rds_page_copy_user function in net/rds/page.c in the Reliable Datagram Sockets (RDS) protocol implementation in the Linux kernel before 2.6.36 does not properly validate addresses obtained from user space, which allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls. |
| CVE-2016-2173 | Critical | 0.65 | 9.8 | 0.21 | | Apr 21, 2017 | org.springframework.core.serializer.DefaultDeserializer in Spring AMQP before 1.5.5 allows remote attackers to execute arbitrary code. |
| CVE-2017-4923 | Critical | 0.64 | 9.8 | 0.01 | | Aug 1, 2017 | VMware vCenter Server (6.5 prior to 6.5 U1) contains an information disclosure vulnerability. This issue may allow plaintext credentials to be obtained when using the vCenter Server Appliance file-based backup feature. |
| CVE-2017-4918 | Critical | 0.64 | 9.8 | 0.03 | | Jun 8, 2017 | VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed. |
| CVE-2017-4907 | Critical | 0.64 | 9.8 | 0.03 | | Jun 8, 2017 | VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway. |
| CVE-2017-4917 | Critical | 0.64 | 9.8 | 0.00 | | Jun 7, 2017 | VMware vSphere Data Protection (VDP) 6.1.x, 6.0.x, 5.8.x, and 5.5.x locally stores vCenter Server credentials using reversible encryption. This issue may allow plaintext credentials to be obtained. |
| CVE-2017-6821 | Critical | 0.64 | 9.8 | 0.01 | | May 23, 2017 | Directory traversal vulnerability in Zimbra Collaboration Suite (aka ZCS) before 8.7.6 allows attackers to have unspecified impact via unknown vectors. |
| CVE-2017-6813 | Critical | 0.64 | 9.8 | 0.01 | | May 23, 2017 | A service provided by Zimbra Collaboration Suite (ZCS) before 8.7.6 fails to require needed privileges before performing a few requested operations. |
| CVE-2016-9924 | Critical | 0.64 | 9.8 | 0.01 | | Mar 29, 2017 | Zimbra Collaboration Suite (ZCS) before 8.7.4 allows remote attackers to conduct XML External Entity (XXE) attacks. |
| CVE-2016-5336 | Critical | 0.64 | 9.8 | 0.02 | | Aug 31, 2016 | VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to execute arbitrary code via unspecified vectors. |
| CVE-2016-5333 | Critical | 0.64 | 9.8 | 0.02 | | Aug 31, 2016 | VMware Photon OS OVA 1.0 before 2016-08-14 has a default SSH public key in an authorized_keys file, which allows remote attackers to obtain SSH access by leveraging knowledge of the private key. |
| CVE-2016-2077 | Critical | 0.64 | 9.8 | 0.01 | | May 18, 2016 | VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly access an executable file, which allows host OS users to gain host OS privileges via unspecified vectors. |
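The table above carries more than a CVSS score per row: the EPSS column is an exploitation probability and the KEV column marks entries on CISA's Known Exploited Vulnerabilities list. The example below is added here and is not part of the original page or of any vendor tooling; it parses rows in the page's own markdown table layout and ranks them KEV-first, then by EPSS, then by CVSS, which is the usual triage order. The embedded rows are a constructed subset copied from the table; with that ordering, CVE-2026-31431 (CVSS 7.8, in KEV) ranks above CVE-2016-7456 (CVSS 9.8, not in KEV).

```python
"""Rank vendor-page CVE rows by exploitation evidence rather than CVSS alone.

Added example, not code from the page. Assumes the page's 8-column layout:
CVE | Severity | Risk | CVSS | EPSS | KEV | Published | Description.
"""
from __future__ import annotations

from dataclasses import dataclass

# Constructed sample: four rows copied from the page's table, descriptions shortened.
SAMPLE_TABLE = """\
| CVE | Severity | Risk | CVSS | EPSS | KEV | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2014-6271 | Critical | 0.86 | 9.8 | 0.94 | KEV | Sep 24, 2014 | GNU Bash environment-variable function parsing, aka ShellShock |
| CVE-2016-7456 | Critical | 0.73 | 9.8 | 0.82 | | Dec 29, 2016 | VDP SSH private key with a publicly known password |
| CVE-2026-31431 | High | 0.66 | 7.8 | 0.03 | KEV | Apr 22, 2026 | Linux kernel algif_aead in-place operation reverted |
| CVE-2017-4923 | Critical | 0.64 | 9.8 | 0.01 | | Aug 1, 2017 | vCenter file-based backup exposes plaintext credentials |
"""


@dataclass(frozen=True)
class CveRow:
    cve: str
    severity: str
    cvss: float
    epss: float
    kev: bool
    published: str
    description: str


def parse_table(text: str) -> list[CveRow]:
    """Parse markdown table rows; skips the header and separator rows.

    Rows are expected to have exactly 8 cells; a row with a different count is
    rejected rather than silently shifting columns (the failure mode that put
    publication dates into the KEV column on the unedited page).
    """
    rows: list[CveRow] = []
    for line in text.splitlines():
        line = line.strip()
        if not line.startswith("|"):
            continue
        cells = [c.strip() for c in line.strip("|").split("|")]
        if cells[0] == "CVE" or set(cells[0]) <= {"-"}:
            continue  # header row or |---| separator
        if len(cells) != 8:
            raise ValueError(f"expected 8 cells, got {len(cells)}: {line!r}")
        cve, severity, _risk, cvss, epss, kev, published, description = cells
        rows.append(
            CveRow(cve, severity, float(cvss), float(epss),
                   kev.upper() == "KEV", published, description)
        )
    return rows


def priority_key(row: CveRow) -> tuple[bool, float, float]:
    """KEV membership outranks EPSS, which outranks CVSS."""
    return (row.kev, row.epss, row.cvss)


def rank(rows: list[CveRow]) -> list[CveRow]:
    return sorted(rows, key=priority_key, reverse=True)


def ranked_ids(text: str = SAMPLE_TABLE) -> list[str]:
    """Return CVE identifiers in triage order for the given table text."""
    return [r.cve for r in rank(parse_table(text))]


if __name__ == "__main__":
    for r in rank(parse_table(SAMPLE_TABLE)):
        flag = "KEV" if r.kev else "   "
        print(f"{flag} {r.cve:15} CVSS {r.cvss:4.1f} EPSS {r.epss:.2f}  {r.description}")
```

The parser deliberately raises on a row with the wrong cell count instead of guessing, because a missing KEV cell shifts every later column and would silently turn a date into a severity. Descriptions containing a literal `|` would also need escaping before this is fed a full page.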