Filtered by vendor Vmware
Subscribe
Total
875 CVE
CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
---|---|---|---|---|---|
CVE-2005-2939 | 1 Vmware | 1 Workstation | 2023-12-10 | 7.2 HIGH | N/A |
Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder. | |||||
CVE-2005-3619 | 1 Vmware | 1 Esx | 2023-12-10 | 6.8 MEDIUM | N/A |
Cross-site scripting (XSS) vulnerability in the management interface for VMware ESX 2.5.x before 2.5.2 upgrade patch 2, 2.1.x before 2.1.2 upgrade patch 6, and 2.0.x before 2.0.1 upgrade patch 6 allows remote attackers to inject arbitrary web script or HTML via messages that are not sanitized when viewing syslog log files. | |||||
CVE-2005-3620 | 1 Vmware | 1 Esx | 2023-12-10 | 2.1 LOW | N/A |
The management interface for VMware ESX Server 2.0.x before 2.0.2 patch 1, 2.1.x before 2.1.3 patch 1, and 2.x before 2.5.3 patch 2 records passwords in cleartext in URLs that are stored in world-readable web server log files, which allows local users to gain privileges. | |||||
CVE-2006-2481 | 1 Vmware | 1 Esx | 2023-12-10 | 5.0 MEDIUM | N/A |
VMware ESX Server 2.0.x before 2.0.2 and 2.x before 2.5.2 patch 4 stores authentication credentials in base 64 encoded format in the vmware.mui.kid and vmware.mui.sid cookies, which allows attackers to gain privileges by obtaining the cookies using attacks such as cross-site scripting (CVE-2005-3619). | |||||
CVE-2004-2515 | 1 Vmware | 1 Workstation | 2023-12-10 | 7.2 HIGH | N/A |
Format string vulnerability in VMware Workstation 4.5.2 build-8848, if running with elevated privileges, might allow local users to execute arbitrary code via format string specifiers in command line arguments. NOTE: it is not clear if there are any default or typical circumstances under which VMware would be running with privileges beyond those already available to the attackers, so this might not be a vulnerability. | |||||
CVE-2005-4773 | 1 Vmware | 1 Esx | 2023-12-10 | 4.9 MEDIUM | N/A |
The configuration of VMware ESX Server 2.x, 2.0.x, 2.1.x, and 2.5.x allows local users to cause a denial of service (shutdown) via the (1) halt, (2) poweroff, and (3) reboot scripts executed at the service console. | |||||
CVE-2003-1291 | 1 Vmware | 1 Esx | 2023-12-10 | 7.2 HIGH | N/A |
VMware ESX Server 1.5.2 before Patch 4 allows local users to execute arbitrary programs as root via certain modified VMware ESX Server environment variables. | |||||
CVE-2003-0480 | 1 Vmware | 1 Workstation | 2023-12-10 | 3.7 LOW | N/A |
VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via "symlink manipulation." | |||||
CVE-2000-0090 | 1 Vmware | 1 Workstation | 2023-12-10 | 3.6 LOW | N/A |
VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack. | |||||
CVE-2002-0814 | 1 Vmware | 1 Gsx Server | 2023-12-10 | 7.5 HIGH | N/A |
Buffer overflow in VMware Authorization Service for VMware GSX Server 2.0.0 build-2050 allows remote authenticated users to execute arbitrary code via a long GLOBAL argument. | |||||
CVE-2003-0631 | 1 Vmware | 2 Gsx Server, Workstation | 2023-12-10 | 7.2 HIGH | N/A |
VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session. | |||||
CVE-2001-1059 | 1 Vmware | 1 Workstation | 2023-12-10 | 3.6 LOW | N/A |
VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information. | |||||
CVE-2004-0081 | 23 4d, Apple, Avaya and 20 more | 66 Webstar, Mac Os X, Mac Os X Server and 63 more | 2023-12-10 | 5.0 MEDIUM | N/A |
OpenSSL 0.9.6 before 0.9.6d does not properly handle unknown message types, which allows remote attackers to cause a denial of service (infinite loop), as demonstrated using the Codenomicon TLS Test Tool. | |||||
CVE-1999-0733 | 1 Vmware | 1 Workstation | 2023-12-10 | 7.2 HIGH | N/A |
Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable. | |||||
CVE-2003-0739 | 1 Vmware | 1 Workstation | 2023-12-10 | 4.6 MEDIUM | N/A |
VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack. |