Filtered by vendor Vmware
Subscriptions
Total
876 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2010-1139 | 2 Linux, Vmware | 6 Linux Kernel, Fusion, Player and 3 more | 2013-05-15 | N/A |
| Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows local users to gain privileges via format string specifiers in process metadata. | ||||
| CVE-2010-1138 | 2 Microsoft, Vmware | 6 Windows, Ace, Fusion and 3 more | 2013-05-15 | N/A |
| The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMware Fusion 3.0 before 3.0.1 build 232708 and 2.x before 2.0.7 build 246742 allows remote attackers to obtain sensitive information from memory on the host OS by examining received network packets, related to interaction between the guest OS and the host vmware-vmx process. | ||||
| CVE-2012-5703 | 1 Vmware | 2 Esx, Esxi | 2013-03-12 | N/A |
| The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers to cause a denial of service (host daemon crash) via an invalid value in a (1) RetrieveProp or (2) RetrievePropEx SOAP request. | ||||
| CVE-2012-5051 | 1 Vmware | 1 Capacityiq | 2013-02-02 | N/A |
| Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows remote attackers to read arbitrary files via unspecified vectors. | ||||
| CVE-2011-2732 | 1 Vmware | 1 Springsource Spring Security | 2012-12-06 | N/A |
| CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter. | ||||
| CVE-2011-4404 | 1 Vmware | 1 Vcenter Update Manager | 2011-12-13 | N/A |
| The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to CVE-2009-1523. | ||||
| CVE-2007-2491 | 1 Vmware | 2 Server, Workstation | 2011-03-08 | N/A |
| The PIIX4 power management subsystem in EMC VMware Workstation 5.5.3.34685 and VMware Server 1.0.1.29996 allows local users to write to arbitrary memory locations via a crafted poke to I/O port 0x1004, triggering a denial of service (virtual machine crash) or other unspecified impact, a related issue to CVE-2007-1337. | ||||
| CVE-2010-0686 | 1 Vmware | 3 Esx Server, Server, Virtualcenter | 2010-04-28 | N/A |
| WebAccess in VMware VirtualCenter 2.0.2 and 2.5, VMware Server 2.0, and VMware ESX 3.0.3 and 3.5 allows remote attackers to leverage proxy-server functionality to spoof the origin of requests via unspecified vectors, related to a "URL forwarding vulnerability." | ||||
| CVE-2010-1193 | 1 Vmware | 1 Server | 2010-04-28 | N/A |
| Cross-site scripting (XSS) vulnerability in WebAccess in VMware Server 2.0 allows remote attackers to inject arbitrary web script or HTML via vectors related to JSON error messages. | ||||
| CVE-2009-1565 | 2 Microsoft, Vmware | 5 Windows, Movie Decoder, Player and 2 more | 2010-04-22 | N/A |
| vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to "integer truncation errors." | ||||
| CVE-2009-1564 | 2 Microsoft, Vmware | 5 Windows, Movie Decoder, Player and 2 more | 2010-04-22 | N/A |
| Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding. | ||||
| CVE-2007-5619 | 1 Vmware | 1 Server | 2009-10-14 | N/A |
| Unspecified vulnerability in VMware Server before 1.0.4 causes user passwords to be recorded in cleartext in server logs, which might allow local users to gain privileges. | ||||
| CVE-2007-4593 | 1 Vmware | 1 Workstation | 2008-11-15 | N/A |
| Unspecified vulnerability in vstor2-ws60.sys in VMWare Workstation 6.0 allows local users to cause a denial of service (host operating system crash) via unspecified vectors, as demonstrated by the DC2 test suite, possibly a related issue to CVE-2007-4591. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. | ||||
| CVE-2000-0090 | 1 Vmware | 1 Workstation | 2008-09-10 | N/A |
| VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack. | ||||
| CVE-1999-0733 | 1 Vmware | 1 Workstation | 2008-09-09 | N/A |
| Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable. | ||||
| CVE-2005-2939 | 1 Vmware | 1 Workstation | 2008-09-05 | N/A |
| Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder. | ||||