Filtered by vendor Vmware
Subscriptions
Total
876 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2012-3288 | 1 Vmware | 5 Esx, Esxi, Fusion and 2 more | 2017-09-19 | N/A |
| VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file. | ||||
| CVE-2012-1509 | 1 Vmware | 1 View | 2017-09-19 | N/A |
| Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors. | ||||
| CVE-2010-1143 | 1 Vmware | 1 View Manager | 2017-09-19 | N/A |
| Cross-site scripting (XSS) vulnerability in VMware View (formerly Virtual Desktop Manager or VDM) 3.1.x before 3.1.3 build 252693 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2010-1141 | 2 Microsoft, Vmware | 8 Windows, Ace, Esx and 5 more | 2017-09-19 | N/A |
| VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; VMware ESXi 3.5 and 4.0; and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0 does not properly access libraries, which allows user-assisted remote attackers to execute arbitrary code by tricking a Windows guest OS user into clicking on a file that is stored on a network share. | ||||
| CVE-2010-1137 | 1 Vmware | 3 Esx Server, Server, Virtualcenter | 2017-09-19 | N/A |
| Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5, and the Server Console in VMware Server 1.0, allows remote attackers to inject arbitrary web script or HTML via the name of a virtual machine. | ||||
| CVE-2009-2277 | 1 Vmware | 2 Esx Server, Virtualcenter | 2017-09-19 | N/A |
| Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "context data." | ||||
| CVE-2015-1044 | 1 Vmware | 3 Esxi, Player, Workstation | 2017-09-08 | N/A |
| vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors. | ||||
| CVE-2015-1043 | 1 Vmware | 3 Fusion, Player, Workstation | 2017-09-08 | N/A |
| The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a guest OS denial of service via unspecified vectors. | ||||
| CVE-2014-8370 | 1 Vmware | 4 Esxi, Fusion, Player and 1 more | 2017-09-08 | N/A |
| VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file. | ||||
| CVE-2016-7084 | 2 Microsoft, Vmware | 3 Windows, Workstation Player, Workstation Pro | 2017-09-03 | N/A |
| tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via a JPEG 2000 image. | ||||
| CVE-2016-7083 | 2 Microsoft, Vmware | 3 Windows, Workstation Player, Workstation Pro | 2017-09-03 | N/A |
| VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via TrueType fonts embedded in EMFSPOOL. | ||||
| CVE-2016-2082 | 1 Vmware | 1 Vrealize Log Insight | 2017-09-01 | N/A |
| Cross-site request forgery (CSRF) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to hijack the authentication of unspecified victims via unknown vectors. | ||||
| CVE-2016-2081 | 1 Vmware | 1 Vrealize Log Insight | 2017-09-01 | N/A |
| Cross-site scripting (XSS) vulnerability in VMware vRealize Log Insight 2.x and 3.x before 3.3.2 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. | ||||
| CVE-2016-2079 | 1 Vmware | 2 Nsx Edge, Vcloud Networking And Security Edge | 2017-09-01 | N/A |
| VMware NSX Edge 6.1 before 6.1.7 and 6.2 before 6.2.3 and vCNS Edge 5.5 before 5.5.4.3, when the SSL-VPN feature is configured, allow remote attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2015-6931 | 1 Vmware | 1 Vcenter Server | 2017-09-01 | N/A |
| Cross-site scripting (XSS) vulnerability in the vSphere Web Client in VMware vCenter Server 5.0 before U3g, 5.1 before U3d, and 5.5 before U2d allows remote attackers to inject arbitrary web script or HTML via a crafted URL. | ||||
| CVE-2014-4632 | 1 Vmware | 1 Vsphere Data Protection | 2017-08-29 | N/A |
| VMware vSphere Data Protection (VDP) 5.1, 5.5 before 5.5.9, and 5.8 before 5.8.1 and the proxy client in EMC Avamar Data Store (ADS) and Avamar Virtual Edition (AVE) 6.x and 7.0.x do not properly verify X.509 certificates from vCenter Server SSL servers, which allows man-in-the-middle attackers to spoof servers, and bypass intended backup and restore access restrictions, via a crafted certificate. | ||||
| CVE-2014-4200 | 1 Vmware | 3 Tools, Vm-support, Workstation | 2017-08-29 | N/A |
| vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensitive information by extracting files from this archive. | ||||
| CVE-2014-4199 | 1 Vmware | 3 Tools, Vm-support, Workstation | 2017-08-29 | N/A |
| vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp. | ||||
| CVE-2014-3796 | 1 Vmware | 2 Nsx, Vcloud Networking And Security | 2017-08-29 | N/A |
| VMware NSX 6.0 before 6.0.6, and vCloud Networking and Security (vCNS) 5.1 before 5.1.4.2 and 5.5 before 5.5.3, does not properly validate input, which allows attackers to obtain sensitive information via unspecified vectors. | ||||
| CVE-2014-1211 | 1 Vmware | 1 Vcloud Director | 2017-08-29 | N/A |
| Cross-site request forgery (CSRF) vulnerability in VMware vCloud Director 5.1.x before 5.1.3 allows remote attackers to hijack the authentication of arbitrary users for requests that trigger a logout. | ||||