Lucene search
K
VmwareVirtualcenter

10 matches found

CVE
CVE
added 2009/03/25 1:0 a.m.129 views

CVE-2009-1072

CVE-2009-1072 affects the Linux kernel prior to 2.6.28.9. nfsd in the kernel does not drop the CAP_MKNOD capability before handling a user request in a thread, enabling local users on an exported filesystem using root_squash to create device nodes. MiracleLinux 3 lists this as fixed in kernel-2.6...

4.9CVSS4.4AI score0.00427EPSS
CVE
CVE
added 2009/03/12 3:0 p.m.99 views

CVE-2009-0778

CVE-2009-0778 affects the Linux kernel prior to 2.6.25 when configured as a router with a REJECT route. The icmp_send code in net/ipv4/icmp.c can mishandle the Protocol Independent Destination (DST) cache, potentially leaking DST state and allowing remote attackers to cause a denial of service (c...

7.1CVSS6.9AI score0.04623EPSS
CVE
CVE
added 2010/04/01 7:0 p.m.91 views

CVE-2010-1137

CVE-2010-1137 describes a cross-site scripting (XSS) vulnerability in VMware WebAccess/VMware Console components. Affected products include VMware VirtualCenter 2.0.2 and 2.5, VMware ESX 3.0.3 and 3.5, and VMware Server 1.0; the issue arises from injecting arbitrary web script or HTML via the nam...

4.3CVSS6AI score0.02399EPSS
CVE
CVE
added 2008/10/06 6:0 p.m.84 views

CVE-2008-4278

VMware CVE-2008-4278 affects VMware VirtualCenter 2.5 prior to Update 3 (build 119838). The issue allows a displayed password in cleartext for certain characters, enabling a local attacker with access to the UI to capture the password. VMware’s advisory VMSA-2008-0016 confirms the vulnerability a...

2.1CVSS6.5AI score0.00367EPSS
CVE
CVE
added 2013/02/15 11:0 a.m.80 views

CVE-2013-1405

CVE-2013-1405 affects multiple VMware products (vCenter Server, VirtualCenter, vSphere Client, VI-Client, ESXi/ESX 3.5–4.1). A flaw in the management authentication protocol allows remote servers to trigger code execution or memory corruption via unspecified vectors. VMware’s VMSA-2013-0001 descr...

10CVSS8AI score0.02803EPSS
Web
CVE
CVE
added 2010/04/01 7:0 p.m.69 views

CVE-2010-0686

Summary: CVE-2010-0686 concerns VMware WebAccess in VMware VirtualCenter (2.0.2/2.5), VMware Server 2.0, and VMware ESX (3.0.3/3.5). The issue is a URL forwarding vulnerability where the WebAccess proxy functionality does not properly validate/limit inbound requests, allowing an attacker to spoof...

7.5CVSS6.5AI score0.02177EPSS
Web
CVE
CVE
added 2010/04/01 7:0 p.m.63 views

CVE-2009-2277

CVE-2009-2277 is a WebAccess cross-site scripting vulnerability in VMware infrastructure products (VirtualCenter 2.0.2/2.5 and ESX 3.0.3/3.5) that allows remote script/HTML injection via the context data mechanism. Attacks can be launched by enticing a user to request a malicious URL (e.g., throu...

4.3CVSS5.7AI score0.01656EPSS
CVE
CVE
added 2011/05/09 10:0 p.m.57 views

CVE-2011-0426

CVE-2011-0426 corresponds to VMware vCenter Server and VirtualCenter directory traversal vulnerability that allows remote read of arbitrary files via unspecified vectors. Affected products/versions per advisories: vCenter Server 4.0 before Update 3, vCenter Server 4.1 before Update 1, and Virtual...

4.3CVSS6.7AI score0.02147EPSS
CVE
CVE
added 2006/11/21 1:0 a.m.56 views

CVE-2006-5990

CVE-2006-5990 concerns VMware VirtualCenter client 2.x before 2.0.1 Patch 1 (Build 33643) and 1.4.x before 1.4.1 Patch 1 (Build 33425). When server certificate verification is enabled, the client does not verify the server’s X.509 certificate during SSL session creation, allowing remote malicious...

4CVSS6.5AI score0.00885EPSS
CVE
CVE
added 2008/08/13 10:0 a.m.50 views

CVE-2008-3514

CVE-2008-3514 affects VMware VirtualCenter: versions 2.5 before Update 2 and 2.0.2 before Update 5 expose an information disclosure through client-side enabled/disabled functionality that can reveal usernames of system accounts. The root cause is a permission-control weakness in the GUI enabling ...

5CVSS6.6AI score0.01814EPSS