VYPR

Vendor CVEs

VMware

All CVEs

967 total · sorted by risk
  • CVE-2008-4917Dec 9, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to…

  • CVE-2008-4915Nov 10, 2008
    risk 0.00cvss epss 0.00

    The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when…

  • CVE-2008-4281Nov 10, 2008
    risk 0.00cvss epss 0.02

    Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-200810401-O-UG and ESX 3.5 before ESX350-200810201-UG allows administrators with the Datastore.FileManagement privilege to gain privileges via unknown vectors.

  • CVE-2008-4279Oct 6, 2008
    risk 0.00cvss epss 0.00

    The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5…

  • CVE-2008-4278Oct 6, 2008
    risk 0.00cvss epss 0.00

    VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displays a user's password in cleartext when the password contains unspecified special characters, which allows physically proximate attackers to steal the password.

  • CVE-2008-3691Sep 3, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7…

  • CVE-2008-3698Sep 3, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in the OpenProcess function in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7…

  • CVE-2008-3692Sep 3, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7…

  • CVE-2008-3694Sep 3, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7…

  • CVE-2008-3697Sep 3, 2008
    risk 0.00cvss epss 0.03

    An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (IIS crash) via a malformed request.

  • CVE-2008-3696Sep 3, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7…

  • CVE-2008-2101Sep 3, 2008
    risk 0.00cvss epss 0.00

    The VMware Consolidated Backup (VCB) command-line utilities in VMware ESX 3.0.1 through 3.0.3 and ESX 3.5 place a password on the command line, which allows local users to obtain sensitive information by listing the process.

  • CVE-2008-3695Sep 3, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7…

  • CVE-2008-3693Sep 3, 2008
    risk 0.00cvss epss 0.04

    Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7…

  • CVE-2008-3514Aug 13, 2008
    risk 0.00cvss epss 0.02

    VMware VirtualCenter 2.5 before Update 2 and 2.0.2 before Update 5 relies on client-side "enabled/disabled functionality" for access control, which allows remote attackers to determine valid user names by enabling functionality in the GUI and then making an "attempt to assign…

  • CVE-2008-2097Jun 5, 2008
    risk 0.00cvss epss 0.04

    Buffer overflow in the openwsman management service in VMware ESXi 3.5 and ESX 3.5 allows remote authenticated users to gain privileges via an "invalid Content-Length."

  • CVE-2008-2100Jun 5, 2008
    risk 0.00cvss epss 0.01

    Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary…

  • CVE-2007-5671Jun 5, 2008
    risk 0.00cvss epss 0.00

    HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments…

  • CVE-2008-0967Jun 5, 2008
    risk 0.00cvss epss 0.00

    Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware…

  • CVE-2008-2099Jun 2, 2008
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in VMCI in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, and VMware ACE 2 before 2.0.2 build 93057 on Windows allows guest OS users to execute arbitrary code on the host OS via unspecified vectors.

  • CVE-2008-2098Jun 2, 2008
    risk 0.00cvss epss 0.00

    Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used,…

  • CVE-2008-1362Mar 20, 2008
    risk 0.00cvss epss 0.00

    VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges or cause a denial of…

  • CVE-2008-1364Mar 20, 2008
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause a denial of service.

  • CVE-2008-1361Mar 20, 2008
    risk 0.00cvss epss 0.00

    VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified…

  • CVE-2008-1392Mar 20, 2008
    risk 0.00cvss epss 0.03

    The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors.

  • CVE-2008-1363Mar 20, 2008
    risk 0.00cvss epss 0.00

    VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain privileges via an unspecified…

  • CVE-2008-1340Mar 20, 2008
    risk 0.00cvss epss 0.02

    Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and…

  • CVE-2008-0923Feb 26, 2008
    risk 0.00cvss epss 0.00

    Directory traversal vulnerability in the Shared Folders feature for VMWare ACE 1.0.2 and 2.0.2, Player 1.0.4 and 2.0.2, and Workstation 5.5.4 and 6.0.2 allows guest OS users to read and write arbitrary files on the host OS via a multibyte string that produces a wide character…

  • CVE-2007-5617Oct 21, 2007
    risk 0.00cvss epss 0.02

    Unspecified vulnerability in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1, prevents it from launching, which has unspecified impact, related to untrusted virtual machine images.

  • CVE-2007-5619Oct 21, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in VMware Server before 1.0.4 causes user passwords to be recorded in cleartext in server logs, which might allow local users to gain privileges.

  • CVE-2007-5618Oct 21, 2007
    risk 0.00cvss epss 0.00

    Unquoted Windows search path vulnerability in the Authorization and other services in VMware Player 1.0.x before 1.0.5 and 2.0 before 2.0.1, VMware Server before 1.0.4, and Workstation 5.x before 5.5.5 and 6.x before 6.0.1 might allow local users to gain privileges via malicious…

  • CVE-2007-5438Oct 13, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE…

  • CVE-2007-5024Sep 21, 2007
    risk 0.00cvss epss 0.00

    EMC VMware Server before 1.0.4 Build 56528 writes passwords in cleartext to unspecified log files, which allows local users to obtain sensitive information by reading these files, a different vulnerability than CVE-2005-3620.

  • CVE-2007-5023Sep 21, 2007
    risk 0.00cvss epss 0.00

    Unquoted Windows search path vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075, and Server before 1.0.4 Build 56528 allows local…

  • CVE-2007-4497Sep 21, 2007
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build…

  • CVE-2007-4496Sep 21, 2007
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build…

  • CVE-2007-5025Sep 21, 2007
    risk 0.00cvss epss 0.01

    Unspecified vulnerability in EMC VMware ACE before 1.0.3 Build 54075 allows attackers to have an unknown impact via an unspecified manipulation of "images stored in virtual machines downloaded by the user."

  • CVE-2007-4593Aug 29, 2007
    risk 0.00cvss epss 0.00

    Unspecified vulnerability in vstor2-ws60.sys in VMWare Workstation 6.0 allows local users to cause a denial of service (host operating system crash) via unspecified vectors, as demonstrated by the DC2 test suite, possibly a related issue to CVE-2007-4591. NOTE: the provenance…

  • CVE-2007-4591Aug 29, 2007
    risk 0.00cvss epss 0.00

    vstor-ws60.sys in VMWare Workstation 6.0 allows local users to cause a denial of service (host operating system crash) and possibly gain privileges by sending a small file buffer size value to the FsSetVolumeInformation IOCTL handler with an FsSetFileInformation subcode.

  • CVE-2007-2491May 4, 2007
    risk 0.00cvss epss 0.00

    The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.29996 allows local users to write to arbitrary memory locations via a crafted poke to I/O port 0x1004, triggering a denial of service (virtual machine crash) or other unspecified…

  • CVE-2007-1069May 2, 2007
    risk 0.00cvss epss 0.02

    The memory management in VMware Workstation before 5.5.4 allows attackers to cause a denial of service (Windows virtual machine crash) by triggering certain general protection faults (GPF).

  • CVE-2007-1877May 2, 2007
    risk 0.00cvss epss 0.02

    VMware Workstation before 5.5.4 allows attackers to cause a denial of service against the guest OS by causing the virtual machine process (VMX) to store malformed configuration information.

  • CVE-2007-1337May 2, 2007
    risk 0.00cvss epss 0.02

    The virtual machine process (VMX) in VMware Workstation before 5.5.4 does not properly read state information when moving from the ACPI sleep state to the run state, which allows attackers to cause a denial of service (virtual machine reboot) via unknown vectors.

  • CVE-2007-1744May 2, 2007
    risk 0.00cvss epss 0.00

    Directory traversal vulnerability in the Shared Folders feature for VMware Workstation before 5.5.4, when a folder is shared, allows users on the guest system to write to arbitrary files on the host system via the "Backdoor I/O Port" interface.

  • CVE-2007-1876May 2, 2007
    risk 0.00cvss epss 0.00

    VMware Workstation before 5.5.4, when running a 64-bit Windows guest on a 64-bit host, allows local users to "corrupt the virtual machine's register context" by debugging a local program and stepping into a "syscall instruction."

  • CVE-2007-1271Apr 6, 2007
    risk 0.00cvss epss 0.00

    Buffer overflow in VMware ESX Server 3.0.0 and 3.0.1 might allow attackers to gain privileges or cause a denial of service (application crash) via unspecified vectors.

  • CVE-2007-1270Apr 6, 2007
    risk 0.00cvss epss 0.03

    Double free vulnerability in VMware ESX Server 3.0.0 and 3.0.1 allows attackers to cause a denial of service (crash), obtain sensitive information, or possibly execute arbitrary code via unspecified vectors.

  • CVE-2007-1056Feb 21, 2007
    risk 0.00cvss epss 0.00

    VMware Workstation 5.5.3 build 34685 does not provide per-user restrictions on certain privileged actions, which allows local users to perform restricted operations such as changing system time, accessing hardware components, and stopping the "VMware tools service" service.…

  • CVE-2007-0833Feb 7, 2007
    risk 0.00cvss epss 0.00

    VMware Workstation 5.5.3 34685, when the "Enable copy and paste to and from this virtual machine" option is enabled, preserves clipboard data on the guest operating system after it was deleted on the host operating system, which might allow local users to read clipboard contents…

  • CVE-2007-0832Feb 7, 2007
    risk 0.00cvss epss 0.00

    VMware Workstation 5.5.3 34685 does not immediately change the availability of a shared clipboard when the "Enable copy and paste to and from this virtual machine" checkbox is changed, which allows local users to obtain sensitive information or conduct certain attacks that are…

Page 19 of 20