Lucene search
K
VmwareEsx Server

8 matches found

CVE
CVE
added 2008/06/05 8:21 p.m.1449 views

CVE-2008-2100

CVE-2008-2100 corresponds to VMware VIX API Multiple Buffer Overflow Vulnerabilities (VMSA-2008-0009). It affects VIX API 1.1.x before 1.1.4 build 93057 across host products (VMware Workstation 5.x/6.x, VMware Player 1.x/2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, ...

7.2CVSS7.3AI score0.00598EPSS
CVE
CVE
added 2010/04/01 7:0 p.m.91 views

CVE-2010-1137

CVE-2010-1137 describes a cross-site scripting (XSS) vulnerability in VMware WebAccess/VMware Console components. Affected products include VMware VirtualCenter 2.0.2 and 2.5, VMware ESX 3.0.3 and 3.5, and VMware Server 1.0; the issue arises from injecting arbitrary web script or HTML via the nam...

4.3CVSS6AI score0.02399EPSS
CVE
CVE
added 2008/06/05 8:21 p.m.81 views

CVE-2007-5671

CVE-2007-5671 is a VMware Tools local privilege-escalation issue in the guest HGFS driver (HGFS.sys) present in VMware Workstation/Player/ACE/Server and ESX/ESXi components. The flaw arises from improper validation of arguments to user-mode IOCTLs to .\hgfs, enabling a guest user to modify kernel...

4.4CVSS6.8AI score0.00388EPSS
CVE
CVE
added 2008/06/05 8:21 p.m.79 views

CVE-2008-0967

CVE-2008-0967 describes a local privilege escalation in vmware-authd due to an untrusted library search path. A local user can gain privileges by manipulating a library path option in a configuration file. Affected products include VMware Workstation 5.x (before 5.5.7 build 91707), VMware Worksta...

6.9CVSS6.7AI score0.00356EPSS
CVE
CVE
added 2009/12/16 6:0 p.m.73 views

CVE-2009-3731

CVE-2009-3731 describes multiple cross-site scripting (XSS) vulnerabilities in WebWorks Help used by VMware products (e.g., vCenter/ESX/Server, Lab Manager, Stage Manager). The root cause is insufficient sanitization of inbound input in WebWorks Help output formats, enabling remote attackers to i...

4.3CVSS5.6AI score0.02777EPSS
CVE
CVE
added 2010/04/01 7:0 p.m.69 views

CVE-2010-0686

Summary: CVE-2010-0686 concerns VMware WebAccess in VMware VirtualCenter (2.0.2/2.5), VMware Server 2.0, and VMware ESX (3.0.3/3.5). The issue is a URL forwarding vulnerability where the WebAccess proxy functionality does not properly validate/limit inbound requests, allowing an attacker to spoof...

7.5CVSS6.5AI score0.02177EPSS
Web
CVE
CVE
added 2010/04/01 7:0 p.m.63 views

CVE-2009-2277

CVE-2009-2277 is a WebAccess cross-site scripting vulnerability in VMware infrastructure products (VirtualCenter 2.0.2/2.5 and ESX 3.0.3/3.5) that allows remote script/HTML injection via the context data mechanism. Attacks can be launched by enticing a user to request a malicious URL (e.g., throu...

4.3CVSS5.7AI score0.01656EPSS
CVE
CVE
added 2007/04/06 12:0 a.m.62 views

CVE-2007-1270

CVE-2007-1270 involves a double free vulnerability in VMware ESX Server 3.0.0 and 3.0.1. The root cause is a double free in a component that can lead to a crash (DoS), potential information leak, and possibly arbitrary code execution via unspecified vectors. Exploitation details are not provided ...

5CVSS8.1AI score0.02596EPSS