Max CVSS | 10.0 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2009-3733 | 5.0 |
Directory traversal vulnerability in VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138 on Linux, VMware ESXi 3.5, and VMware ESX 3.0.3 and 3.5 allows remote attackers to read arbitrary files via unspecified vectors.
|
17-05-2024 - 17:27 | 02-11-2009 - 15:30 | |
CVE-2009-4811 | 5.0 |
VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build
|
14-02-2024 - 01:17 | 27-04-2010 - 15:30 | |
CVE-2009-3707 | 5.0 |
VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build
|
14-02-2024 - 01:17 | 16-10-2009 - 16:30 | |
CVE-2009-0040 | 6.8 |
The PNG reference library (aka libpng) before 1.0.43, and 1.2.x before 1.2.35, as used in pngcrush and other applications, allows context-dependent attackers to cause a denial of service (application crash) or possibly execute arbitrary code via a cr
|
09-02-2024 - 03:25 | 22-02-2009 - 22:30 | |
CVE-2007-5503 | 6.8 |
Multiple integer overflows in Cairo before 1.4.12 might allow remote attackers to execute arbitrary code, as demonstrated using a crafted PNG image with large width and height values, which is not properly handled by the read_png function.
|
13-02-2023 - 02:18 | 30-11-2007 - 01:46 | |
CVE-2009-3732 | 10.0 |
Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors.
|
24-01-2023 - 16:09 | 12-04-2010 - 18:30 | |
CVE-2008-1808 | 7.5 |
Multiple off-by-one errors in FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via (1) a crafted table in a Printer Font Binary (PFB) file or (2) a crafted SHC instruction in a TrueType Font (TTF) file, which trigger
|
26-01-2021 - 12:41 | 16-06-2008 - 19:41 | |
CVE-2008-1447 | 5.0 |
The DNS protocol, as implemented in (1) BIND 8 and 9 before 9.5.0-P1, 9.4.2-P1, and 9.3.5-P1; (2) Microsoft DNS in Windows 2000 SP4, XP SP2 and SP3, and Server 2003 SP1 and SP2; and other implementations allow remote attackers to spoof DNS traffic vi
|
24-03-2020 - 18:19 | 08-07-2008 - 23:41 | |
CVE-2008-2100 | 7.2 |
Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS u
|
14-08-2019 - 11:29 | 05-06-2008 - 20:32 | |
CVE-2008-4917 | 7.2 |
Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through
|
02-11-2018 - 13:44 | 09-12-2008 - 00:30 | |
CVE-2008-4915 | 6.9 |
The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through
|
02-11-2018 - 13:43 | 10-11-2008 - 14:12 | |
CVE-2008-1363 | 7.2 |
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain pri
|
01-11-2018 - 16:24 | 20-03-2008 - 00:44 | |
CVE-2007-5671 | 4.4 |
HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not
|
30-10-2018 - 16:26 | 05-06-2008 - 20:32 | |
CVE-2008-0967 | 6.9 |
Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build
|
30-10-2018 - 16:26 | 05-06-2008 - 20:32 | |
CVE-2009-1244 | 6.8 |
Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; V
|
30-10-2018 - 16:25 | 13-04-2009 - 16:30 | |
CVE-2007-5269 | 5.0 |
Certain chunk handlers in libpng before 1.0.29 and 1.2.x before 1.2.21 allow remote attackers to cause a denial of service (crash) via crafted (1) pCAL (png_handle_pCAL), (2) sCAL (png_handle_sCAL), (3) tEXt (png_push_read_tEXt), (4) iTXt (png_handle
|
15-10-2018 - 21:42 | 08-10-2007 - 21:17 | |
CVE-2008-2098 | 6.9 |
Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when
|
11-10-2018 - 20:39 | 02-06-2008 - 21:30 | |
CVE-2008-2101 | 2.1 |
The VMware Consolidated Backup (VCB) command-line utilities in VMware ESX 3.0.1 through 3.0.3 and ESX 3.5 place a password on the command line, which allows local users to obtain sensitive information by listing the process.
|
11-10-2018 - 20:39 | 03-09-2008 - 14:12 | |
CVE-2008-1807 | 7.5 |
FreeType2 before 2.3.6 allow context-dependent attackers to execute arbitrary code via an invalid "number of axes" field in a Printer Font Binary (PFB) file, which triggers a free of arbitrary memory locations, leading to memory corruption.
|
11-10-2018 - 20:36 | 16-06-2008 - 19:41 | |
CVE-2008-1806 | 7.5 |
Integer overflow in FreeType2 before 2.3.6 allows context-dependent attackers to execute arbitrary code via a crafted set of 16-bit length values within the Private dictionary table in a Printer Font Binary (PFB) file, which triggers a heap-based buf
|
11-10-2018 - 20:36 | 16-06-2008 - 19:41 | |
CVE-2008-1392 | 10.0 |
The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors.
|
11-10-2018 - 20:33 | 20-03-2008 - 00:44 | |
CVE-2008-1361 | 6.8 |
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain pri
|
11-10-2018 - 20:32 | 20-03-2008 - 00:44 | |
CVE-2008-1362 | 7.2 |
VMware Workstation 6.0.x before 6.0.3 and 5.5.x before 5.5.6, VMware Player 2.0.x before 2.0.3 and 1.0.x before 1.0.6, VMware ACE 2.0.x before 2.0.1 and 1.0.x before 1.0.5, and VMware Server 1.0.x before 1.0.5 on Windows allow local users to gain pri
|
11-10-2018 - 20:32 | 20-03-2008 - 00:44 | |
CVE-2008-1364 | 7.8 |
Unspecified vulnerability in the DHCP service in VMware Workstation 5.5.x before 5.5.6, VMware Player 1.0.x before 1.0.6, VMware ACE 1.0.x before 1.0.5, VMware Server 1.0.x before 1.0.5, and VMware Fusion 1.1.x before 1.1.1 allows attackers to cause
|
11-10-2018 - 20:32 | 20-03-2008 - 00:44 | |
CVE-2008-1340 | 7.1 |
Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that tri
|
11-10-2018 - 20:31 | 20-03-2008 - 00:44 | |
CVE-2009-2267 | 6.9 |
VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.
|
10-10-2018 - 19:39 | 02-11-2009 - 15:30 | |
CVE-2011-3868 | 9.3 |
Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.
|
09-10-2018 - 19:33 | 07-10-2011 - 20:55 | |
CVE-2009-0910 | 6.8 |
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows re
|
29-09-2017 - 01:34 | 06-04-2009 - 15:30 | |
CVE-2009-0909 | 9.3 |
Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows re
|
29-09-2017 - 01:34 | 06-04-2009 - 15:30 | |
CVE-2008-4916 | 4.6 |
Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build
|
29-09-2017 - 01:32 | 06-04-2009 - 15:30 | |
CVE-2010-1141 | 8.5 |
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; V
|
19-09-2017 - 01:30 | 12-04-2010 - 18:30 | |
CVE-2010-1143 | 4.3 |
Cross-site scripting (XSS) vulnerability in VMware View (formerly Virtual Desktop Manager or VDM) 3.1.x before 3.1.3 build 252693 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.
|
19-09-2017 - 01:30 | 07-05-2010 - 18:24 | |
CVE-2010-1137 | 4.3 |
Cross-site scripting (XSS) vulnerability in WebAccess in VMware VirtualCenter 2.0.2 and 2.5 and VMware ESX 3.0.3 and 3.5, and the Server Console in VMware Server 1.0, allows remote attackers to inject arbitrary web script or HTML via the name of a vi
|
19-09-2017 - 01:30 | 01-04-2010 - 19:30 | |
CVE-2010-1138 | 5.0 |
The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VM
|
15-05-2013 - 03:07 | 12-04-2010 - 18:30 | |
CVE-2010-1140 | 6.9 |
The USB service in VMware Workstation 7.0 before 7.0.1 build 227600 and VMware Player 3.0 before 3.0.1 build 227600 on Windows might allow host OS users to gain privileges by placing a Trojan horse program at an unspecified location on the host OS di
|
15-05-2013 - 03:07 | 12-04-2010 - 18:30 | |
CVE-2010-1139 | 7.2 |
Format string vulnerability in vmrun in VMware VIX API 1.6.x, VMware Workstation 6.5.x before 6.5.4 build 246459, VMware Player 2.5.x before 2.5.4 build 246459, and VMware Server 2.x on Linux, and VMware Fusion 2.x before 2.0.7 build 246742, allows l
|
15-05-2013 - 03:07 | 12-04-2010 - 18:30 | |
CVE-2010-1142 | 8.5 |
VMware Tools in VMware Workstation 6.5.x before 6.5.4 build 246459; VMware Player 2.5.x before 2.5.4 build 246459; VMware ACE 2.5.x before 2.5.4 build 246459; VMware Server 2.x before 2.0.2 build 203138; VMware Fusion 2.x before 2.0.6 build 246742; V
|
15-05-2013 - 03:07 | 12-04-2010 - 18:30 |