Search Results (Refine Search)
- CPE Product Version: cpe:/o:vmware:esxi:4.1
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2012-1516 |
The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving data pointers. Published: May 04, 2012; 12:55:01 PM -0400 |
V3.1: 9.9 CRITICAL V2.0: 9.0 HIGH |
CVE-2012-1518 |
VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors. Published: April 17, 2012; 5:55:01 PM -0400 |
V3.x:(not available) V2.0: 8.3 HIGH |
CVE-2012-1515 |
VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine. Published: April 02, 2012; 6:46:44 AM -0400 |
V3.x:(not available) V2.0: 8.3 HIGH |
CVE-2012-1510 |
Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors. Published: March 16, 2012; 4:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2012-1508 |
The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. Published: March 16, 2012; 4:55:00 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2010-4263 |
The igb_receive_skb function in drivers/net/igb/igb_main.c in the Intel Gigabit Ethernet (aka igb) subsystem in the Linux kernel before 2.6.34, when Single Root I/O Virtualization (SR-IOV) and promiscuous mode are enabled but no VLANs are registered, allows remote attackers to cause a denial of service (NULL pointer dereference and panic) and possibly have unspecified other impact via a VLAN tagged frame. Published: January 18, 2011; 1:03:07 PM -0500 |
V3.x:(not available) V2.0: 7.9 HIGH |
CVE-2010-0211 |
The slap_modrdn2mods function in modrdn.c in OpenLDAP 2.4.22 does not check the return value of a call to the smr_normalize function, which allows remote attackers to cause a denial of service (segmentation fault) and possibly execute arbitrary code via a modrdn call with an RDN string containing invalid UTF-8 sequences, which triggers a free of an invalid, uninitialized pointer in the slap_mods_free function, as demonstrated using the Codenomicon LDAPv3 test suite. Published: July 28, 2010; 8:48:51 AM -0400 |
V3.1: 9.8 CRITICAL V2.0: 5.0 MEDIUM |