Search Results (Refine Search)
- Keyword (text search): vmware esx
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2013-3658 |
Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors. Published: September 10, 2013; 7:28:40 AM -0400 |
V3.x:(not available) V2.0: 9.4 HIGH |
CVE-2013-3657 |
Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors. Published: September 10, 2013; 7:28:40 AM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2013-1661 |
VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled exception and application crash) by modifying the client-server data stream. Published: September 03, 2013; 11:24:36 PM -0400 |
V3.x:(not available) V2.0: 4.3 MEDIUM |
CVE-2013-1211 |
Cisco NX-OS on the Nexus 1000V does not properly handle authentication for Virtual Ethernet Module (VEM) to Virtual Supervisor Module (VSM) communication, which allows remote attackers to obtain VEM access via (1) spoofed STUN packets or (2) a crafted VMware ESXi instance, aka Bug ID CSCud14832. Published: May 29, 2013; 3:55:01 PM -0400 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2013-1210 |
Array index error in the Virtual Ethernet Module (VEM) kernel driver for VMware ESXi in Cisco NX-OS on the Nexus 1000V, when STUN debugging is enabled, allows remote attackers to cause a denial of service (ESXi crash and purple screen of death) by sending crafted STUN packets to a VEM, aka Bug ID CSCud14825. Published: May 29, 2013; 3:55:01 PM -0400 |
V3.x:(not available) V2.0: 5.4 MEDIUM |
CVE-2013-1659 |
VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream. Published: February 22, 2013; 3:55:01 PM -0500 |
V3.x:(not available) V2.0: 7.6 HIGH |
CVE-2013-1405 |
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management authentication protocol, which allow remote servers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. Published: February 15, 2013; 7:09:29 AM -0500 |
V3.x:(not available) V2.0: 10.0 HIGH |
CVE-2013-1406 |
The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors. Published: February 11, 2013; 5:55:01 PM -0500 |
V3.x:(not available) V2.0: 7.2 HIGH |
CVE-2012-5703 |
The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers to cause a denial of service (host daemon crash) via an invalid value in a (1) RetrieveProp or (2) RetrievePropEx SOAP request. Published: November 20, 2012; 12:52:02 AM -0500 |
V3.x:(not available) V2.0: 5.0 MEDIUM |
CVE-2012-1666 |
Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory. Published: September 08, 2012; 6:28:20 AM -0400 |
V3.x:(not available) V2.0: 6.9 MEDIUM |
CVE-2012-3289 |
VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device. Published: June 14, 2012; 4:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.8 HIGH |
CVE-2012-3288 |
VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file. Published: June 14, 2012; 4:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.3 HIGH |
CVE-2012-2450 |
VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. Published: May 04, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.0 HIGH |
CVE-2012-2449 |
VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. Published: May 04, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.0 HIGH |
CVE-2012-2448 |
VMware ESXi 3.5 through 5.0 and ESX 3.5 through 4.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via NFS traffic. Published: May 04, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.5 HIGH |
CVE-2012-1517 |
The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving function pointers. Published: May 04, 2012; 12:55:01 PM -0400 |
V3.x:(not available) V2.0: 9.0 HIGH |
CVE-2012-1516 |
The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving data pointers. Published: May 04, 2012; 12:55:01 PM -0400 |
V3.1: 9.9 CRITICAL V2.0: 9.0 HIGH |
CVE-2012-1518 |
VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors. Published: April 17, 2012; 5:55:01 PM -0400 |
V3.x:(not available) V2.0: 8.3 HIGH |
CVE-2012-1515 |
VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine. Published: April 02, 2012; 6:46:44 AM -0400 |
V3.x:(not available) V2.0: 8.3 HIGH |
CVE-2012-1510 |
Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors. Published: March 16, 2012; 4:55:01 PM -0400 |
V3.x:(not available) V2.0: 7.2 HIGH |