U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

National Vulnerability Database

National Vulnerability Database

NVD

National Vulnerability Database
  1. VulnerabilitiesSearch And Statistics

Search Results (Refine Search)

Search Parameters:
  • Keyword (text search): vmware esx
There are 144 matching records.
Displaying matches 141 through 144.
Vuln ID Summary CVSS Severity
CVE-2005-3620

The management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 records passwords in cleartext in URLs that are stored in world-readable web server log files, which allows local users to gain privileges.

Published: December 31, 2005; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 2.1 LOW
CVE-2005-4773

The configuration of VMware ESX Server 2.x, 2.0.x, 2.1.x, and 2.5.x allows local users to cause a denial of service (shutdown) via the (1) halt, (2) poweroff, and (3) reboot scripts executed at the service console.

Published: December 31, 2005; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 4.9 MEDIUM
CVE-2005-4583

Unspecified vulnerability in the Management Interface in VMware ESX Server 2.x up to 2.5.x before 24 December 2005 allows "remote code execution in the Web browser" via unspecified attack vectors, probably related to cross-site scripting (XSS).

Published: December 29, 2005; 6:03:00 AM -0500 		V3.x:(not available)
 V2.0: 4.3 MEDIUM
CVE-2003-1291

VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables.

Published: December 31, 2003; 12:00:00 AM -0500 		V3.x:(not available)
 V2.0: 7.2 HIGH