Vmware Esx
47 CVEs affecting Vmware Esx. Latest disclosed: 2014-01-17. Critical: 1, High: 6.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2012-1516 | Critical | 9.9 | 2012-05-04 | The VMX process in VMware ESXi 3.5 through 4.1 and ESX 3.5 through 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of… |
CVE-2010-2943 | High | 8.1 | 2010-09-30 | The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticat… |
CVE-2010-3081 | High | 7.8 | 2010-09-24 | The compat_alloc_user_space functions in include/asm/compat.h files in the Linux kernel before 2.6.36-rc4-git2 on 64-bit platforms do not properly allocate the… |
CVE-2010-2798 | High | 7.8 | 2010-09-08 | The gfs2_dirent_find_space function in fs/gfs2/dir.c in the Linux kernel before 2.6.35 uses an incorrect size value in calculations associated with sentinel di… |
CVE-2010-2524 | High | 7.8 | 2010-09-08 | The DNS resolution functionality in the CIFS implementation in the Linux kernel before 2.6.35, when CONFIG_CIFS_DFS_UPCALL is enabled, relies on a user's keyri… |
CVE-2010-2492 | High | 7.8 | 2010-09-08 | Buffer overflow in the ecryptfs_uid_hash macro in fs/ecryptfs/messaging.c in the eCryptfs subsystem in the Linux kernel before 2.6.35 might allow local users t… |
CVE-2010-4251 | High | 7.5 | 2011-05-26 | The socket implementation in net/core/sock.c in the Linux kernel before 2.6.34 does not properly manage a backlog of received packets, which allows remote atta… |
CVE-2010-4655 | Medium | 5.5 | 2011-07-18 | net/core/ethtool.c in the Linux kernel before 2.6.36 does not initialize certain data structures, which allows local users to obtain potentially sensitive info… |
CVE-2010-4343 | Medium | 5.5 | 2010-12-29 | drivers/scsi/bfa/bfa_core.c in the Linux kernel before 2.6.35 does not initialize a certain port data structure, which allows local users to cause a denial of… |
CVE-2010-3078 | Medium | 5.5 | 2010-09-21 | The xfs_ioc_fsgetxattr function in fs/xfs/linux-2.6/xfs_ioctl.c in the Linux kernel before 2.6.36-rc4 does not initialize a certain structure member, which all… |
CVE-2010-2942 | Medium | 5.5 | 2010-09-21 | The actions implementation in the network queueing functionality in the Linux kernel before 2.6.36-rc2 does not properly initialize certain structure members w… |
CVE-2010-2066 | Medium | 5.5 | 2010-09-08 | The mext_check_arguments function in fs/ext4/move_extent.c in the Linux kernel before 2.6.35 allows local users to overwrite an append-only file via a MOVE_EXT… |
CVE-2014-1208 | | 2014-01-17 | VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 al… | |
CVE-2014-1207 | | 2014-01-17 | VMware ESXi 4.0 through 5.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (NULL pointer dereference) by intercepting and modifying Ne… | |
CVE-2013-5973 | | 2013-12-23 | VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Po… | |
CVE-2013-3519 | | 2013-12-04 | lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ES… | |
CVE-2013-5970 | | 2013-10-21 | hostd-vmdb in VMware ESXi 4.0 through 5.0 and ESX 4.0 through 4.1 allows remote attackers to cause a denial of service (hostd-vmdb service outage) by modifying… | |
CVE-2013-3658 | | 2013-09-10 | Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecifie… | |
CVE-2013-3657 | | 2013-09-10 | Buffer overflow in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to execute arbitrary code or cause a denial of service via unspeci… | |
CVE-2013-1661 | | 2013-09-04 | VMware ESXi 4.0 through 5.1, and ESX 4.0 and 4.1, does not properly implement the Network File Copy (NFC) protocol, which allows man-in-the-middle attackers to… |