Search Results (1045 CVEs found)

CVE Vendors Products Updated CVSS v3.1
CVE-2022-42264 5 Citrix, Linux, Nvidia and 2 more 12 Hypervisor, Linux Kernel, Cloud Gaming and 9 more 2025-04-11 7.1 High
NVIDIA GPU Display Driver for Linux contains a vulnerability in the kernel mode layer, where an unprivileged regular user can cause the use of an out-of-range pointer offset, which may lead to data tampering, data loss, information disclosure, or denial of service.
CVE-2010-0686 1 Vmware 3 Esx Server, Server, Virtualcenter 2025-04-11 N/A
WebAccess in VMware VirtualCenter 2.0.2 and 2.5, VMware Server 2.0, and VMware ESX 3.0.3 and 3.5 allows remote attackers to leverage proxy-server functionality to spoof the origin of requests via unspecified vectors, related to a "URL forwarding vulnerability."
CVE-2013-1662 1 Vmware 2 Player, Workstation 2025-04-11 N/A
vmware-mount in VMware Workstation 8.x and 9.x and VMware Player 4.x and 5.x, on systems based on Debian GNU/Linux, allows host OS users to gain host OS privileges via a crafted lsb_release binary in a directory in the PATH, related to use of the popen library function.
CVE-2010-1137 1 Vmware 3 Esx Server, Server, Virtualcenter 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5, and the Server Console in VMware Server 1.0, allows remote attackers to inject arbitrary web script or HTML via the name of a virtual machine.
CVE-2009-2277 1 Vmware 2 Esx Server, Virtualcenter 2025-04-11 N/A
Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5 allows remote attackers to inject arbitrary web script or HTML via vectors related to "context data."
CVE-2013-3658 1 Vmware 2 Esx, Esxi 2025-04-11 N/A
Directory traversal vulnerability in VMware ESXi 4.0 through 5.0, and ESX 4.0 and 4.1, allows remote attackers to delete arbitrary host OS files via unspecified vectors.
CVE-2010-2943 5 Avaya, Canonical, Linux and 2 more 11 Aura Communication Manager, Aura Presence Services, Aura Session Manager and 8 more 2025-04-11 8.1 High
The xfs implementation in the Linux kernel before 2.6.35 does not look up inode allocation btrees before reading inode buffers, which allows remote authenticated users to read unlinked files, or read or overwrite disk blocks that are currently assigned to an active file but were previously assigned to an unlinked file, by accessing a stale NFS filehandle.
CVE-2012-5458 2 Microsoft, Vmware 3 Windows, Player, Workstation 2025-04-11 N/A
VMware Workstation 8.x before 8.0.5 and VMware Player 4.x before 4.0.5 on Windows use weak permissions for unspecified process threads, which allows host OS users to gain host OS privileges via a crafted application.
CVE-2014-1207 1 Vmware 2 Esx, Esxi 2025-04-11 N/A
VMware ESXi 4.0 through 5.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (NULL pointer dereference) by intercepting and modifying Network File Copy (NFC) traffic.
CVE-2009-4811 1 Vmware 4 Ace, Player, Server and 1 more 2025-04-11 N/A
VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \x25\x90 sequence in the USER and PASS commands, a related issue to CVE-2009-3707. NOTE: some of these details are obtained from third party information.
CVE-2012-6326 1 Vmware 2 Vcenter Server, Vcenter Server Appliance 2025-04-11 N/A
VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial of service (disk consumption) via vectors that trigger large log entries.
CVE-2009-1564 2 Microsoft, Vmware 5 Windows, Movie Decoder, Player and 2 more 2025-04-11 N/A
Heap-based buffer overflow in vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted video chunks that use HexTile encoding.
CVE-2009-1565 2 Microsoft, Vmware 5 Windows, Movie Decoder, Player and 2 more 2025-04-11 N/A
vmnc.dll in the VMnc media codec in VMware Movie Decoder before 6.5.4 Build 246459 on Windows, and the movie decoder in VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Windows, allows remote attackers to execute arbitrary code via an AVI file with crafted HexTile-encoded video chunks that trigger heap-based buffer overflows, related to "integer truncation errors."
CVE-2011-4404 1 Vmware 1 Vcenter Update Manager 2025-04-11 N/A
The default configuration of the HTTP server in Jetty in vSphere Update Manager in VMware vCenter Update Manager 4.0 before Update 4 and 4.1 before Update 2 allows remote attackers to conduct directory traversal attacks and read arbitrary files via unspecified vectors, a related issue to CVE-2009-1523.
CVE-2010-2667 1 Vmware 1 Studio 2025-04-11 N/A
Multiple unspecified vulnerabilities in the Virtual Appliance Management Infrastructure (VAMI) in VMware Studio 2.0 allow remote authenticated users to execute arbitrary commands via vectors involving (1) the Studio virtual appliance or (2) a virtual appliance created by the Studio virtual appliance.
CVE-2012-6325 1 Vmware 1 Vcenter Server Appliance 2025-04-11 N/A
VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users to read arbitrary files via unspecified vectors.
CVE-2011-1789 1 Vmware 3 Esx, Esxi, Vcenter 2025-04-11 N/A
The self-extracting installer in the vSphere Client Installer package in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, VMware ESXi 4.x before 4.1 Update 1, and VMware ESX 4.x before 4.1 Update 1 does not have a digital signature, which might make it easier for remote attackers to spoof the software distribution via a Trojan horse installer.
CVE-2012-6324 1 Vmware 1 Vcenter Server Appliance 2025-04-11 N/A
Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote authenticated users to read arbitrary files via unspecified vectors.
CVE-2012-1517 1 Vmware 2 Esx, Esxi 2025-04-11 N/A
The VMX process in VMware ESXi 4.1 and ESX 4.1 does not properly handle RPC commands, which allows guest OS users to cause a denial of service (memory overwrite and process crash) or possibly execute arbitrary code on the host OS via vectors involving function pointers.
CVE-2011-0426 1 Vmware 2 Vcenter, Virtualcenter 2025-04-11 N/A
Directory traversal vulnerability in vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1, and VMware VirtualCenter 2.5 before Update 6a, allows remote attackers to read arbitrary files via unspecified vectors.