vmware

1,005 tracked vulnerabilities.

CVE-2016-2078 MEDIUM
VMware vCenter Server 5.1-5.5 - Cross-Site Scripting via Flashvars Parameter
Jun 08, 2016
CVSS 6.1
EPSS 0.01
CVE-2016-2077 CRITICAL
VMware Player 7.x < 7.1.3 and Workstation 11.x < 11.1.3 - Privilege Escalation via Executable File Access
May 18, 2016
CVSS 9.8
EPSS 0.02
CVE-2016-2076 HIGH
VMware vCenter Server 5.5 U3a-U3c and 6.0 < U2 - Session Hijacking via Client Integration Plugin
Apr 15, 2016
CVSS 7.6
EPSS 0.01
CVE-2016-2075 MEDIUM
VMware vRealize Business Advanced and Enterprise 8.x < 8.2.5 - Authenticated Cross-Site Scripting
Mar 16, 2016
CVSS 5.4
EPSS 0.01
CVE-2015-5258 HIGH
springframework-social <1.1.3 - CSRF
Aug 22, 2017
CVSS 8.8
EPSS 0.01
CVE-2015-5191 MEDIUM
VMware Tools < 10.0.9 - Local Privilege Escalation via Hard-Coded /tmp Path Race Condition
Jul 28, 2017
CVSS 6.7
EPSS 0.00
CVE-2015-5211 CRITICAL
Spring Framework <4.2.1, 3.2.14 - RFD
May 25, 2017
CVSS 9.6
EPSS 0.03
CVE-2015-3192 MEDIUM
Pivotal Spring Framework <3.2.14 & 4.x <4.1.7 - DoS
Jul 12, 2016
CVSS 5.5
EPSS 0.03
CVE-2015-6931 MEDIUM
VMware vCenter Server 5.0-5.5 - Cross-Site Scripting via Crafted URL
Jul 03, 2016
CVSS 6.1
EPSS 0.01
CVE-2015-2344 MEDIUM
VMware vRealize Automation 6.x - Authenticated Cross-Site Scripting
Mar 16, 2016
CVSS 5.4
EPSS 0.01
CVE-2015-6933 MEDIUM
VMware Player and Workstation - Improper Access Control in Shared Folders
Jan 09, 2016
CVSS 6.3
EPSS 0.02
CVE-2015-6934 HIGH
VMware vRealize Orchestrator 6.x and vCenter Orchestrator 5.x - Remote Code Execution via Deserialization
Dec 21, 2015
CVSS 7.3
EPSS 0.05
CVE-2015-2342
VMware vCenter Server 5.0-5.5 and 6.0 - Remote Code Execution via JMX RMI MBean Registration
Oct 12, 2015
EPSS 0.89
CVE-2015-1047
VMware vCenter Server <5.0u3e, <5.1u3, <5.5u2 - DoS
Oct 12, 2015
EPSS 0.03
CVE-2015-6932
VMware vCenter Server 5.5-6.0 - Unauthenticated Man-in-the-Middle via Unverified TLS LDAP Certificates
Sep 18, 2015
EPSS 0.01
CVE-2015-3650
VMware <10.0.7-11.1.1 - Privilege Escalation
Jul 10, 2015
EPSS 0.00
CVE-2015-2341
VMware Fusion 6.x-7.x and Player 6.x - Denial of Service via Crafted RPC Command
Jun 13, 2015
EPSS 0.02
CVE-2015-2340
VMware Horizon Client 3.2.x-3.3.x and 5.x - Denial of Service via TPInt.dll Memory Allocation
Jun 13, 2015
EPSS 0.01
CVE-2015-2339
VMware Horizon Client 3.2.x-3.2.1, 3.3.x, 5.x < 5.4.2 - Denial of Service via TPview.dll Memory Allocation
Jun 13, 2015
EPSS 0.01
CVE-2015-2338
VMware Horizon Client 3.2.x-3.2.1, 3.3.x, 5.x < 5.4.2 - Denial of Service in TPview.dll
Jun 13, 2015
EPSS 0.01
CVE-2015-2337
VMware Workstation 10.x-11.x, Player 6.x-7.x, Horizon Client 3.2.x-5.x - Remote Code Execution
Jun 13, 2015
EPSS 0.01
CVE-2015-2336
VMware Workstation, Player, and Horizon Client - Remote Code Execution in TPView.dll
Jun 13, 2015
EPSS 0.01
CVE-2015-0201
Spring Framework 4.1.x < 4.1.5 - Predictable Session ID Generation in Java SockJS Client
Mar 10, 2015
EPSS 0.02
CVE-2015-1044
VMware Workstation <10.0.5-ESXi 5.5 - DoS
Jan 29, 2015
EPSS 0.01
CVE-2015-1043
VMware Workstation/Fusion/Player <10.0.5-7.0.1 - DoS
Jan 29, 2015
EPSS 0.01