| # |
CVE ID
|
CWE ID
|
# of Exploits
|
Vulnerability Type(s)
|
Publish Date
|
Update Date
|
Score
|
Gained Access Level
|
Access
|
Complexity
|
Authentication
|
Conf.
|
Integ.
|
Avail.
|
|
1 |
CVE-2013-3107 |
264 |
|
Bypass |
2013-05-01 |
2013-05-01 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass authentication by providing a valid username in conjunction with an empty password. |
|
2 |
CVE-2013-3080 |
264 |
|
DoS Exec Code |
2013-05-01 |
2013-05-01 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and consequently execute arbitrary code or cause a denial of service, by leveraging Virtual Appliance Management Interface (VAMI) web-interface access. |
|
3 |
CVE-2013-3079 |
94 |
|
|
2013-05-01 |
2013-05-01 |
9.0 |
Admin |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to execute arbitrary programs with root privileges by leveraging Virtual Appliance Management Interface (VAMI) access. |
|
4 |
CVE-2013-1659 |
|
|
DoS Exec Code Mem. Corr. |
2013-02-22 |
2013-02-25 |
7.6 |
None |
Remote |
High |
Not required |
Complete |
Complete |
Complete |
|
VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5 through 4.1 do not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to execute arbitrary code or cause a denial of service (memory corruption) by modifying the client-server data stream. |
|
5 |
CVE-2013-1406 |
20 |
|
+Priv |
2013-02-11 |
2013-02-12 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 does not properly restrict memory allocation by control code, which allows local users to gain privileges via unspecified vectors. |
|
6 |
CVE-2013-1405 |
287 |
|
DoS Exec Code Mem. Corr. |
2013-02-15 |
2013-02-15 |
10.0 |
None |
Remote |
Low |
Not required |
Complete |
Complete |
Complete |
|
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do not properly implement the management authentication protocol, which allow remote servers to execute arbitrary code or cause a denial of service (memory corruption) via unspecified vectors. |
|
7 |
CVE-2012-6326 |
119 |
|
DoS Overflow |
2013-02-22 |
2013-02-25 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service (disk consumption) via vectors that trigger large log entries. |
|
8 |
CVE-2012-6325 |
200 |
|
+Info |
2012-12-21 |
2013-01-08 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors. |
|
9 |
CVE-2012-6324 |
22 |
|
Dir. Trav. |
2012-12-21 |
2012-12-24 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors. |
|
10 |
CVE-2012-5978 |
22 |
|
Dir. Trav. |
2012-12-19 |
2013-03-11 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors. |
|
11 |
CVE-2012-5703 |
20 |
|
DoS |
2012-11-20 |
2013-03-11 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers to cause a denial of service (host daemon crash) via an invalid value in a (1) RetrieveProp or (2) RetrievePropEx SOAP request. |
|
12 |
CVE-2012-5459 |
|
|
+Priv |
2012-11-14 |
2012-11-19 |
7.9 |
None |
Local Network |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows allows host OS users to gain host OS privileges via a Trojan horse DLL in a "system folder." |
|
13 |
CVE-2012-5458 |
264 |
|
+Priv |
2012-11-14 |
2012-11-19 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application. |
|
14 |
CVE-2012-5055 |
200 |
|
+Info |
2012-12-05 |
2012-12-28 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
DaoAuthenticationProvider in VMware SpringSource Spring Security before 2.0.8, 3.0.x before 3.0.8, and 3.1.x before 3.1.3 does not check the password if the user is not found, which makes the response delay shorter and might allow remote attackers to enumerate valid usernames via a series of login requests. |
|
15 |
CVE-2012-5051 |
22 |
|
Dir. Trav. |
2012-10-05 |
2013-02-02 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
Directory traversal vulnerability in VMware CapacityIQ 1.5.x allows remote attackers to read arbitrary files via unspecified vectors. |
|
16 |
CVE-2012-5050 |
79 |
|
XSS |
2012-10-05 |
2013-02-07 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the server in VMware vCenter Operations (aka vCOps) before 5.0.x allows remote attackers to inject arbitrary web script or HTML via unspecified vectors. |
|
17 |
CVE-2012-4897 |
|
|
+Priv |
2012-10-05 |
2013-02-07 |
6.9 |
Admin |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in the installer in VMware Movie Decoder before 9.0 allows local users to gain privileges via a Trojan horse executable file in the installer directory. |
|
18 |
CVE-2012-3569 |
134 |
|
Exec Code |
2012-11-14 |
2013-03-01 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file. |
|
19 |
CVE-2012-3289 |
94 |
|
DoS |
2012-06-14 |
2012-06-15 |
7.8 |
None |
Remote |
Low |
Not required |
None |
None |
Complete |
|
VMware Workstation 8.x before 8.0.4, VMware Player 4.x before 4.0.4, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow remote attackers to cause a denial of service (guest OS crash) via crafted traffic from a remote virtual device. |
|
20 |
CVE-2012-3288 |
20 |
|
DoS Exec Code Mem. Corr. |
2012-06-14 |
2012-06-15 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial of service (memory corruption) on the host OS via a crafted Checkpoint file. |
|
21 |
CVE-2012-2752 |
|
|
+Priv |
2012-06-01 |
2012-08-18 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in VMware vMA 4.x and 5.x before 5.0.0.2 allows local users to gain privileges via a Trojan horse DLL in the current working directory. |
|
22 |
CVE-2012-2450 |
|
|
DoS Exec Code |
2012-05-04 |
2012-05-07 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. |
|
23 |
CVE-2012-2449 |
119 |
|
DoS Exec Code Overflow |
2012-05-04 |
2012-05-07 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. |
|
24 |
CVE-2012-2448 |
119 |
|
DoS Exec Code Overflow |
2012-05-04 |
2012-05-07 |
7.5 |
None |
Remote |
Low |
Not required |
Partial |
Partial |
Partial |
|
VMware ESXi 3.5 through 5.0 and ESX 3.5 through 4.1 allow remote attackers to execute arbitrary code or cause a denial of service (memory overwrite) via NFS traffic. |
|
25 |
CVE-2012-1666 |
|
|
+Priv |
2012-09-08 |
2012-09-10 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory. |
|
26 |
CVE-2012-1518 |
264 |
|
+Priv |
2012-04-17 |
2012-04-20 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 though 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors. |
|
27 |
CVE-2012-1517 |
119 |
|
DoS Exec Code Overflow |
2012-05-04 |
2012-05-07 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving function pointers. |
|
28 |
CVE-2012-1516 |
119 |
|
DoS Exec Code Overflow |
2012-05-04 |
2012-05-07 |
9.0 |
None |
Remote |
Low |
Single system |
Complete |
Complete |
Complete |
|
The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving data pointers. |
|
29 |
CVE-2012-1515 |
264 |
|
+Priv |
2012-04-02 |
2013-03-06 |
8.3 |
None |
Local Network |
Low |
Not required |
Complete |
Complete |
Complete |
|
VMware ESXi 3.5, 4.0, and 4.1 and ESX 3.5, 4.0, and 4.1 do not properly implement port-based I/O operations, which allows guest OS users to gain guest OS privileges by overwriting memory locations in a read-only memory block associated with the Virtual DOS Machine. |
|
30 |
CVE-2012-1514 |
352 |
|
CSRF |
2012-03-16 |
2012-10-09 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Cross-site request forgery (CSRF) vulnerability in VMware vShield Manager (vSM) 1.0.1 before Update 2 and 4.1.0 before Update 2 allows remote attackers to hijack the authentication of arbitrary users. |
|
31 |
CVE-2012-1513 |
200 |
|
+Info |
2012-03-16 |
2012-11-06 |
4.0 |
None |
Remote |
Low |
Single system |
Partial |
None |
None |
|
The Web Configuration tool in VMware vCenter Orchestrator (vCO) 4.0 before Update 4, 4.1 before Update 2, and 4.2 before Update 1 places the vCenter Server password in an HTML document, which allows remote authenticated administrators to obtain sensitive information by reading this document. |
|
32 |
CVE-2012-1512 |
79 |
|
XSS |
2012-03-16 |
2012-11-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in the internal browser in vSphere Client in VMware vSphere 4.1 before Update 2 and 5.0 before Update 1 allows remote attackers to inject arbitrary web script or HTML via a crafted log-file entry. |
|
33 |
CVE-2012-1511 |
79 |
|
XSS |
2012-03-16 |
2012-11-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL. |
|
34 |
CVE-2012-1510 |
119 |
|
Overflow +Priv |
2012-03-16 |
2012-11-06 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors. |
|
35 |
CVE-2012-1509 |
119 |
|
Overflow +Priv |
2012-03-16 |
2012-11-06 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors. |
|
36 |
CVE-2012-1508 |
264 |
|
DoS +Priv |
2012-03-16 |
2012-11-06 |
7.2 |
None |
Local |
Low |
Not required |
Complete |
Complete |
Complete |
|
The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors. |
|
37 |
CVE-2012-1472 |
20 |
|
DoS |
2012-03-12 |
2012-03-13 |
6.4 |
None |
Remote |
Low |
Not required |
Partial |
None |
Partial |
|
VMware vCenter Chargeback Manager (aka CBM) before 2.0.1 does not properly handle XML API requests, which allows remote attackers to read arbitrary files or cause a denial of service via unspecified vectors. |
|
38 |
CVE-2012-0903 |
79 |
1
|
XSS |
2012-01-20 |
2012-01-23 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
Multiple cross-site scripting (XSS) vulnerabilities in Zimbra Desktop 7.1.2 b10978 allow remote attackers to inject arbitrary web script or HTML via the (1) Username or (2) MailBox Name. |
|
39 |
CVE-2011-4404 |
16 |
|
Dir. Trav. |
2011-11-18 |
2011-12-12 |
5.0 |
None |
Remote |
Low |
Not required |
Partial |
None |
None |
|
The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to CVE-2009-1523. |
|
40 |
CVE-2011-3868 |
119 |
|
Exec Code Overflow |
2011-10-07 |
2013-05-14 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image. |
|
41 |
CVE-2011-2894 |
264 |
|
Exec Code Bypass |
2011-10-04 |
2012-02-13 |
6.8 |
None |
Remote |
Medium |
Not required |
Partial |
Partial |
Partial |
|
Spring Framework 3.0.0 through 3.0.5, Spring Security 3.0.0 through 3.0.5 and 2.0.0 through 2.0.6, and possibly other versions deserialize objects from untrusted sources, which allows remote attackers to bypass intended security restrictions and execute untrusted code by (1) serializing a java.lang.Proxy instance and using InvocationHandler, or (2) accessing internal AOP interfaces, as demonstrated using deserialization of a DefaultListableBeanFactory instance to execute arbitrary commands via the java.lang.Runtime class. |
|
42 |
CVE-2011-2732 |
94 |
|
Http R.Spl. |
2012-12-05 |
2012-12-06 |
4.3 |
None |
Remote |
Medium |
Not required |
None |
Partial |
None |
|
CRLF injection vulnerability in the logout functionality in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via the spring-security-redirect parameter. |
|
43 |
CVE-2011-2731 |
362 |
|
+Priv |
2012-12-05 |
2012-12-26 |
5.1 |
User |
Remote |
High |
Not required |
Partial |
Partial |
Partial |
|
Race condition in the RunAsManager mechanism in VMware SpringSource Spring Security before 2.0.7 and 3.0.x before 3.0.6 stores the Authentication object in the shared security context, which allows attackers to gain privileges via a crafted thread. |
|
44 |
CVE-2011-2217 |
119 |
|
DoS Exec Code Overflow Mem. Corr. |
2011-06-06 |
2011-09-06 |
9.3 |
None |
Remote |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Certain ActiveX controls in (1) tsgetxu71ex552.dll and (2) tsgetx71ex552.dll in Tom Sawyer GET Extension Factory 5.5.2.237, as used in VI Client (aka VMware Infrastructure Client) 2.0.2 before Build 230598 and 2.5 before Build 204931 in VMware Infrastructure 3, do not properly handle attempted initialization within Internet Explorer, which allows remote attackers to execute arbitrary code or cause a denial of service (memory corruption) via a crafted HTML document. |
|
45 |
CVE-2011-2146 |
200 |
|
+Info |
2011-06-06 |
2011-11-23 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 though 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors. |
|
46 |
CVE-2011-2145 |
264 |
|
|
2011-06-06 |
2011-11-23 |
6.3 |
None |
Local |
Medium |
Not required |
None |
Complete |
Complete |
|
mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 though 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a "procedural error." |
|
47 |
CVE-2011-1789 |
310 |
|
|
2011-05-09 |
2011-05-26 |
5.0 |
None |
Remote |
Low |
Not required |
None |
Partial |
None |
|
The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, VMware ESXi 4.x before 4.1 Update 1, and VMware ESX 4.x before 4.1 Update 1 does not have a digital signature, which might make it easier for remote attackers to spoof the software distribution via a Trojan horse installer. |
|
48 |
CVE-2011-1788 |
200 |
|
+Info |
2011-05-09 |
2011-05-16 |
2.1 |
None |
Local |
Low |
Not required |
Partial |
None |
None |
|
vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1 allows local users to discover the SOAP session ID via unspecified vectors. |
|
49 |
CVE-2011-1787 |
362 |
|
+Priv |
2011-06-06 |
2011-11-23 |
6.9 |
None |
Local |
Medium |
Not required |
Complete |
Complete |
Complete |
|
Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 though 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory. |
|
50 |
CVE-2011-1786 |
399 |
|
DoS |
2011-05-03 |
2011-10-07 |
5.0 |
None |
Remote |
Low |
Not required |
None |
None |
Partial |
|
lsassd in Likewise Open /Enterprise 5.3 before build 7845, Open 6.0 before build 8325, and Enterprise 6.0 before build 178, as distributed in VMware ESXi 4.1 and ESX 4.1 and possibly other products, allows remote attackers to cause a denial of service (daemon crash) via an Active Directory login attempt that provides a username containing an invalid byte sequence. |