cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2009-2277,https://securityvulnerability.io/vulnerability/CVE-2009-2277,,"Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to ""context data.""",Vmware,"Esx Server,Virtualcenter",,,0.001990000018849969,false,false,false,false,,false,false,2010-04-01T19:00:00.000Z,0
CVE-2009-3733,https://securityvulnerability.io/vulnerability/CVE-2009-3733,,"Directory traversal vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5 allows remote attackers to read arbitrary files via unspecified vectors.",Vmware,"Server,Esx,Esxi",,,0.9666399955749512,false,false,false,false,,false,false,2009-11-02T15:00:00.000Z,0
CVE-2009-2267,https://securityvulnerability.io/vulnerability/CVE-2009-2267,,"VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is used, do not properly set the exception code upon a page fault (aka #PF) exception, which allows guest OS users to gain privileges on the guest OS by specifying a crafted value for the cs register.",Vmware,"Ace,Player,Fusion,Server,Esx,Workstation,Esxi",,,0.0013500000350177288,false,false,false,false,,false,false,2009-11-02T15:00:00.000Z,0
CVE-2009-1805,https://securityvulnerability.io/vulnerability/CVE-2009-1805,,"Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors.",Vmware,"Ace,Player,Workstation,Server,Esx,Fusion,Esxi",,,0.0006200000061653554,false,false,false,false,,false,false,2009-06-01T19:00:00.000Z,0
CVE-2009-1244,https://securityvulnerability.io/vulnerability/CVE-2009-1244,,"Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916.",Vmware,"Ace,Player,Fusion,Workstation,Server,Esx,Esxi",,,0.0007300000288523734,false,false,false,true,true,false,false,2009-04-13T16:00:00.000Z,0
CVE-2008-4916,https://securityvulnerability.io/vulnerability/CVE-2008-4916,,"Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors.",Vmware,"Vmware Player,Vmware Esx,Vmware Ace,Vmware Server,Vmware Workstation,Vmware Esxi",,,0.0006200000061653554,false,false,false,false,,false,false,2009-04-06T15:00:00.000Z,0
CVE-2008-4917,https://securityvulnerability.io/vulnerability/CVE-2008-4917,,"Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that triggers an arbitrary physical-memory write operation, leading to memory corruption.",Vmware,"Esxi,Workstation,Player,Server,Esx",,,0.0013200000394135714,false,false,false,false,,false,false,2008-12-09T00:00:00.000Z,0
CVE-2008-4915,https://securityvulnerability.io/vulnerability/CVE-2008-4915,,"The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the Trap flag, which allows authenticated guest OS users to gain privileges on the guest OS.",Vmware,"Esxi,Workstation,Player,Ace,Server,Esx",,,0.0013200000394135714,false,false,false,false,,false,false,2008-11-10T11:00:00.000Z,0
CVE-2008-4279,https://securityvulnerability.io/vulnerability/CVE-2008-4279,,The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by triggering an exception that causes the virtual CPU to perform an indirect jump to a non-canonical address.,Vmware,"Player,Workstation,Esx,Server",,,0.0013200000394135714,false,false,false,false,,false,false,2008-10-06T18:00:00.000Z,0
CVE-2008-2100,https://securityvulnerability.io/vulnerability/CVE-2008-2100,,"Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.",Vmware,"Fusion,Esx Server,Esxi,Esx,Workstation,Player,Ace,Server",,,0.005619999952614307,false,false,false,false,,false,false,2008-06-05T20:21:00.000Z,0
CVE-2008-0967,https://securityvulnerability.io/vulnerability/CVE-2008-0967,,"Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file.",Vmware,"Esx Server,Player,Vmware Server,Vmware Workstation,Workstation,Esxi,Server,Esx",,,0.0004199999966658652,false,false,false,false,,false,false,2008-06-05T20:21:00.000Z,0
CVE-2007-5671,https://securityvulnerability.io/vulnerability/CVE-2007-5671,,"HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\.\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges.",Vmware,"Vmware Player,Ace,Vmware Server,Vmware Workstation,Workstation,Player,Esx Server,Server,Esx",,,0.0006200000061653554,false,false,false,false,,false,false,2008-06-05T20:21:00.000Z,0
CVE-2007-0061,https://securityvulnerability.io/vulnerability/CVE-2007-0061,,"The DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed packet that triggers ""corrupt stack memory.""",Vmware,"Workstation,Player,Ace,Esx,Server",,,0.757070004940033,false,false,false,false,,false,false,2007-09-21T18:00:00.000Z,0
CVE-2007-0063,https://securityvulnerability.io/vulnerability/CVE-2007-0063,,"Integer underflow in the DHCP server in EMC VMware Workstation before 5.5.5 Build 56455 and 6.x before 6.0.1 Build 55017, Player before 1.0.5 Build 56455 and Player 2 before 2.0.1 Build 55017, ACE before 1.0.3 Build 54075 and ACE 2 before 2.0.1 Build 55017, and Server before 1.0.4 Build 56528 allows remote attackers to execute arbitrary code via a malformed DHCP packet that triggers a stack-based buffer overflow.",Vmware,"Workstation,Player,Ace,Esx,Server",,,0.723609983921051,false,false,false,false,,false,false,2007-09-21T18:00:00.000Z,0
CVE-2007-1270,https://securityvulnerability.io/vulnerability/CVE-2007-1270,,"Double free vulnerability in VMware ESX Server 3.0.0 and 3.0.1 allows attackers to cause a denial of service (crash), obtain sensitive information, or possibly execute arbitrary code via unspecified vectors.",Vmware,"Esx Server,Esx",,,0.015159999951720238,false,false,false,false,,false,false,2007-04-06T00:00:00.000Z,0
CVE-2006-3589,https://securityvulnerability.io/vulnerability/CVE-2006-3589,,"vmware-config.pl in VMware for Linux, ESX Server 2.x, and Infrastructure 3 does not check the return code from a Perl chmod function call, which might cause an SSL key file to be created with an unsafe umask that allows local users to read or modify the SSL key.",Vmware,"Server,Workstation,Infrastructure,Player,Esx",,,0.0005200000014156103,false,false,false,false,,false,false,2006-07-21T14:03:00.000Z,0