cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2013-5973,https://securityvulnerability.io/vulnerability/CVE-2013-5973,,"VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a (1) -flat, (2) -rdm, or (3) -rdmp filename.",Vmware,Esx,,,0.0004199999966658652,false,false,false,false,,false,false,2013-12-23T15:00:00.000Z,0
CVE-2013-5970,https://securityvulnerability.io/vulnerability/CVE-2013-5970,,hostd-vmdb in VMware ESXi 4.0 through 5.0 and ESX 4.0 through 4.1 allows remote attackers to cause a denial of service (hostd-vmdb service outage) by modifying management traffic.,Vmware,Esx,,,0.059849999845027924,false,false,false,false,,false,false,2013-10-21T10:00:00.000Z,0
CVE-2013-3658,https://securityvulnerability.io/vulnerability/CVE-2013-3658,,"Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors.",Vmware,"Esxi,Esx",,,0.007360000163316727,false,false,false,false,,false,false,2013-09-10T11:28:00.000Z,0
CVE-2013-3657,https://securityvulnerability.io/vulnerability/CVE-2013-3657,,"Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to execute arbitrary code or cause a denial of service via unspecified vectors.",Vmware,"Esxi,Esx",,,0.05869999900460243,false,false,false,false,,false,false,2013-09-10T11:28:00.000Z,0
CVE-2013-1661,https://securityvulnerability.io/vulnerability/CVE-2013-1661,,"VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to cause a denial of service (unhandled exception and application crash) by modifying the client-server data stream.",Vmware,"Esxi,Esx",,,0.0008200000156648457,false,false,false,false,,false,false,2013-09-04T03:24:00.000Z,0
CVE-2012-5703,https://securityvulnerability.io/vulnerability/CVE-2012-5703,,The vSphere API in VMware ESXi 4.1 and ESX 4.1 allows remote attackers to cause a denial of service (host daemon crash) via an invalid value in a (1) RetrieveProp or (2) RetrievePropEx SOAP request.,Vmware,"Esxi,Esx",,,0.034529998898506165,false,false,false,false,,false,false,2012-11-20T02:00:00.000Z,0
CVE-2012-1517,https://securityvulnerability.io/vulnerability/CVE-2012-1517,,"The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving function pointers.",Vmware,"Esxi,Esx",,,0.0024800000246614218,false,false,false,false,,false,false,2012-05-04T16:00:00.000Z,0
CVE-2012-1516,https://securityvulnerability.io/vulnerability/CVE-2012-1516,,"The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving data pointers.",Vmware,Esx,9.9,CRITICAL,0.005919999908655882,false,false,false,false,,false,false,2012-05-04T16:00:00.000Z,0
CVE-2012-1508,https://securityvulnerability.io/vulnerability/CVE-2012-1508,,"The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.",Vmware,"Esxi,Esx,View",,,0.0006200000061653554,false,false,false,false,,false,false,2012-03-16T20:00:00.000Z,0
CVE-2012-1510,https://securityvulnerability.io/vulnerability/CVE-2012-1510,,"Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.",Vmware,"Esxi,Esx,View",,,0.0007699999841861427,false,false,false,false,,false,false,2012-03-16T20:00:00.000Z,0
CVE-2011-2145,https://securityvulnerability.io/vulnerability/CVE-2011-2145,,"mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a ""procedural error.""",Vmware,"Esx,Esxi,Fusion,Player,Workstation",,,0.0006200000061653554,false,false,false,false,,false,false,2011-06-06T19:00:00.000Z,0
CVE-2011-1789,https://securityvulnerability.io/vulnerability/CVE-2011-1789,,"The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, VMware ESXi 4.x before 4.1 Update 1, and VMware ESX 4.x before 4.1 Update 1 does not have a digital signature, which might make it easier for remote attackers to spoof the software distribution via a Trojan horse installer.",Vmware,"Vcenter,Esxi,Esx",,,0.002139999996870756,false,false,false,false,,false,false,2011-05-09T22:55:00.000Z,0
CVE-2011-1785,https://securityvulnerability.io/vulnerability/CVE-2011-1785,,VMware ESXi 4.0 and 4.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (socket exhaustion) via unspecified network traffic.,Vmware,"Esxi,Esx",,,0.05590999871492386,false,false,false,false,,false,false,2011-05-03T22:00:00.000Z,0
CVE-2009-2277,https://securityvulnerability.io/vulnerability/CVE-2009-2277,,"Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to ""context data.""",Vmware,"Esx Server,Virtualcenter",,,0.001990000018849969,false,false,false,false,,false,false,2010-04-01T19:00:00.000Z,0
CVE-2009-3733,https://securityvulnerability.io/vulnerability/CVE-2009-3733,,"Directory traversal vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5 allows remote attackers to read arbitrary files via unspecified vectors.",Vmware,"Server,Esx,Esxi",,,0.9666399955749512,false,false,false,false,,false,false,2009-11-02T15:00:00.000Z,0
CVE-2009-2267,https://securityvulnerability.io/vulnerability/CVE-2009-2267,,"VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is used, do not properly set the exception code upon a page fault (aka #PF) exception, which allows guest OS users to gain privileges on the guest OS by specifying a crafted value for the cs register.",Vmware,"Ace,Player,Fusion,Server,Esx,Workstation,Esxi",,,0.0013500000350177288,false,false,false,false,,false,false,2009-11-02T15:00:00.000Z,0
CVE-2009-1805,https://securityvulnerability.io/vulnerability/CVE-2009-1805,,"Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors.",Vmware,"Ace,Player,Workstation,Server,Esx,Fusion,Esxi",,,0.0006200000061653554,false,false,false,false,,false,false,2009-06-01T19:00:00.000Z,0
CVE-2009-1244,https://securityvulnerability.io/vulnerability/CVE-2009-1244,,"Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.",Vmware,"Ace,Player,Fusion,Workstation,Server,Esx,Esxi",,,0.0007300000288523734,false,false,false,true,true,false,false,2009-04-13T16:00:00.000Z,0
CVE-2009-0518,https://securityvulnerability.io/vulnerability/CVE-2009-0518,,"VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware ESX 3.5 before Update 4 retains the VirtualCenter Server password in process memory, which might allow local users to obtain this password.",Vmware,"Vmware Esx,Vmware Virtualcenter,Vmware Esxi",,,0.0004199999966658652,false,false,false,false,,false,false,2009-04-06T15:00:00.000Z,0
CVE-2008-4916,https://securityvulnerability.io/vulnerability/CVE-2008-4916,,"Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors.",Vmware,"Vmware Player,Vmware Esx,Vmware Ace,Vmware Server,Vmware Workstation,Vmware Esxi",,,0.0006200000061653554,false,false,false,false,,false,false,2009-04-06T15:00:00.000Z,0
CVE-2008-4914,https://securityvulnerability.io/vulnerability/CVE-2008-4914,,Unspecified vulnerability in VMware ESXi 3.5 before ESXe350-200901401-I-SG and ESX 3.5 before ESX350-200901401-SG allows local administrators to cause a denial of service (host crash) via a snapshot with a malformed VMDK delta disk.,Vmware,"Esx,Esxi",,,0.0006200000061653554,false,false,false,false,,false,false,2009-02-03T19:00:00.000Z,0
CVE-2008-4917,https://securityvulnerability.io/vulnerability/CVE-2008-4917,,"Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption.",Vmware,"Esxi,Workstation,Player,Server,Esx",,,0.0013200000394135714,false,false,false,false,,false,false,2008-12-09T00:00:00.000Z,0
CVE-2008-4915,https://securityvulnerability.io/vulnerability/CVE-2008-4915,,"The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS.",Vmware,"Esxi,Workstation,Player,Ace,Server,Esx",,,0.0013200000394135714,false,false,false,false,,false,false,2008-11-10T11:00:00.000Z,0
CVE-2008-4281,https://securityvulnerability.io/vulnerability/CVE-2008-4281,,Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-200810401-O-UG and ESX 3.5 before ESX350-200810201-UG allows administrators with the Datastore.FileManagement privilege to gain privileges via unknown vectors.,Vmware,"Esxi,Esx",,,0.008609999902546406,false,false,false,false,,false,false,2008-11-10T11:00:00.000Z,0
CVE-2008-4279,https://securityvulnerability.io/vulnerability/CVE-2008-4279,,The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address.,Vmware,"Player,Workstation,Esx,Server",,,0.0013200000394135714,false,false,false,false,,false,false,2008-10-06T18:00:00.000Z,0