vmware
1,005 tracked vulnerabilities.
CVE-2016-7459
HIGH
VMware vCenter Server 5.5-6.0 - Authenticated XXE Injection via Log Browser, Distributed Switch, or Content Library
Dec 29, 2016
CVSS 7.7
EPSS 0.02
CVE-2016-7458
MEDIUM
VMware vSphere Client 5.5-6.0 - XML External Entity Injection via External Entity Declaration
Dec 29, 2016
CVSS 5.8
EPSS 0.01
CVE-2016-7457
CRITICAL
VMware vRealize Operations 6.x - Authenticated Privilege Escalation and Virtual Machine Manipulation
Dec 29, 2016
CVSS 10.0
EPSS 0.03
CVE-2016-7456
CRITICAL
VMware vSphere Data Protection 5.5.x-6.1.x - Unauthenticated SSH Login via Default Private Key
Dec 29, 2016
CVSS 9.8
EPSS 0.33
CVE-2016-7087
MEDIUM
VMware Horizon View 5.x-6.x - Directory Traversal
Dec 29, 2016
CVSS 5.3
EPSS 0.04
CVE-2016-7086
HIGH
VMware Workstation Pro and Player 12.x - Privilege Escalation via Trojan Horse setup64.exe
Dec 29, 2016
CVSS 7.8
EPSS 0.00
CVE-2016-7085
HIGH
VMware Workstation Pro and Player 12.x - Untrusted Search Path
Dec 29, 2016
CVSS 7.8
EPSS 0.00
CVE-2016-7084
HIGH
VMware Workstation Player 12.x - Remote Code Execution via JPEG 2000 Image
Dec 29, 2016
CVSS 7.8
EPSS 0.02
CVE-2016-7083
HIGH
VMware Workstation Pro and Player 12.x - Remote Code Execution via Cortado ThinPrint EMFSPOOL TrueType Fonts
Dec 29, 2016
CVSS 7.8
EPSS 0.01
CVE-2016-7082
HIGH
VMware Workstation Pro and Player 12.x - Remote Code Execution via EMF File
Dec 29, 2016
CVSS 7.8
EPSS 0.00
CVE-2016-7081
HIGH
VMware Workstation Pro and Player 12.x - Heap-Based Buffer Overflow via Cortado ThinPrint Virtual Printing
Dec 29, 2016
CVSS 7.8
EPSS 0.01
CVE-2016-7080
HIGH
VMware Tools < 10.0.9 - NULL Pointer Dereference in Graphic Acceleration Functions
Dec 29, 2016
CVSS 7.8
EPSS 0.00
CVE-2016-7079
HIGH
VMware Tools < 10.0.9 - NULL Pointer Dereference in Graphic Acceleration Functions
Dec 29, 2016
CVSS 7.8
EPSS 0.00
CVE-2016-5334
MEDIUM
VMware Identity Manager 2.0-2.7.0 and vRealize Automation 7.0-7.1.9 - Unauthenticated Sensitive File Exposure
Dec 29, 2016
CVSS 5.3
EPSS 0.02
CVE-2016-5329
MEDIUM
VMware Fusion 8.x - Unauthorized Kernel Memory Address Exposure via kASLR Bypass
Dec 29, 2016
CVSS 5.5
EPSS 0.00
CVE-2016-5328
MEDIUM
Vmware Tools < 10.0.8 - Information Disclosure
Dec 29, 2016
CVSS 5.5
EPSS 0.00
CVE-2016-5336
CRITICAL
VMware vRealize Automation <7.1 - RCE
Aug 31, 2016
CVSS 9.8
EPSS 0.03
CVE-2016-5335
HIGH
VMware Identity Manager <2.7 & vRealize Automation <7.1 - Privilege...
Aug 31, 2016
CVSS 7.8
EPSS 0.00
CVE-2016-5333
CRITICAL
VMware Photon OS < 1.0 - Use of Hard-coded Credentials in SSH Authorized Keys
Aug 31, 2016
CVSS 9.8
EPSS 0.03
CVE-2016-5332
MEDIUM
VMware vRealize Log Insight 2.x-3.x - Path Traversal
Aug 31, 2016
CVSS 5.3
EPSS 0.03
CVE-2016-5331
MEDIUM
VMware vCenter Server <6.0 - Code Injection
Aug 08, 2016
CVSS 6.1
EPSS 0.02
CVE-2016-5330
HIGH
VMware Workstation Player 12.1.0-12.1.1 - Untrusted Search Path via HGFS Shared Folders
Aug 08, 2016
CVSS 7.8
EPSS 0.18
CVE-2016-2082
HIGH
VMware vRealize Log Insight 2.x and 3.x < 3.3.2 - Cross-Site Request Forgery
Jul 03, 2016
CVSS 8.8
EPSS 0.01
CVE-2016-2081
MEDIUM
VMware vRealize Log Insight 2.x-3.x - Cross-Site Scripting
Jul 03, 2016
CVSS 6.1
EPSS 0.01
CVE-2016-2079
MEDIUM
VMware NSX Edge 6.1-6.1.7 and 6.2-6.2.3 and vCNS Edge 5.5-5.5.4.3 - Exposure of Sensitive Information via SSL-VPN
Jul 03, 2016
CVSS 5.9
EPSS 0.01
Products
workstation 213
esxi 139
cloud_foundation 135
fusion 131
player 89
esx 86
vcenter_server 79
spring_framework 66
server 58
ace 44
spring_security 36
identity_manager 28
workstation_pro 27
workstation_player 26
horizon_client 25
Workstation 23
tools 22
vrealize_suite_lifecycle_manager 21
vrealize_automation 20
spring_boot 18
vrealize_operations 18
ESXi 16
aria_operations 16
spring_ai 16
vmware_workstation 15
vrealize_log_insight 15
workspace_one_access 15
horizon_view 14
telco_cloud_platform 14
vcenter_server_appliance 14
Quick Filters