) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:o:vmware:esxi:6.5:esxi650-201806401-bg:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2023-29552 |
The Service Location Protocol (SLP, RFC 2608) allows an unauthenticated, remote attacker to register arbitrary services. This could allow the attacker to use spoofed UDP traffic to conduct a denial-of-service attack with a significant amplification factor. Published: April 25, 2023; 12:15:09 PM -0400 |
V3.1: 7.5 HIGH V2.0:(not available) |
| CVE-2022-31681 |
VMware ESXi contains a null-pointer deference vulnerability. A malicious actor with privileges within the VMX process only, may create a denial of service condition on the host. Published: October 07, 2022; 5:15:11 PM -0400 |
V3.1: 6.5 MEDIUM V2.0:(not available) |
| CVE-2020-3955 |
ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not properly neutralize script-related HTML when viewing virtual machines attributes. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.3. Published: April 28, 2020; 11:15:18 PM -0400 |
V3.1: 9.3 CRITICAL V2.0: 4.3 MEDIUM |
| CVE-2018-6977 |
VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive. Published: October 09, 2018; 4:29:01 PM -0400 |
V3.0: 6.5 MEDIUM V2.0: 4.9 MEDIUM |