VMware

ESXi

123 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
8.8

CVE-2017-16544

Exploit
  • EPSS 1.31%
  • Published 20.11.2017 15:29:00
  • Last modified 09.06.2025 16:15:26

In the add_match function in libbb/lineedit.c in BusyBox through 1.27.2, the tab autocomplete feature of the shell, used to get a list of filenames in a directory, does not sanitize filenames and results in executing any escape sequence in the termin...

8.8

CVE-2017-4924

Exploit
  • EPSS 0.07%
  • Published 15.09.2017 13:29:00
  • Last modified 20.04.2025 01:37:25

VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host.

5.5

CVE-2017-4925

  • EPSS 0.19%
  • Published 15.09.2017 13:29:00
  • Last modified 20.04.2025 01:37:25

VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability...

8.8

CVE-2017-4902

  • EPSS 0.06%
  • Published 07.06.2017 18:29:00
  • Last modified 20.04.2025 01:37:25

VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest...

8.8

CVE-2017-4903

  • EPSS 0.07%
  • Published 07.06.2017 18:29:00
  • Last modified 20.04.2025 01:37:25

VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player ...

8.8

CVE-2017-4904

  • EPSS 0.1%
  • Published 07.06.2017 18:29:00
  • Last modified 20.04.2025 01:37:25

The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Wo...

5.5

CVE-2017-4905

  • EPSS 2.07%
  • Published 07.06.2017 18:29:00
  • Last modified 20.04.2025 01:37:25

VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x...

5.4

CVE-2016-7463

  • EPSS 0.18%
  • Published 29.12.2016 09:59:00
  • Last modified 12.04.2025 10:46:40

Cross-site scripting (XSS) vulnerability in the Host Client in VMware vSphere Hypervisor (aka ESXi) 5.5 and 6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted VM.

6.1

CVE-2016-5331

  • EPSS 0.33%
  • Published 08.08.2016 01:59:17
  • Last modified 12.04.2025 10:46:40

CRLF injection vulnerability in VMware vCenter Server 6.0 before U2 and ESXi 6.0 allows remote attackers to inject arbitrary HTTP headers and conduct HTTP response splitting attacks via unspecified vectors.

7.8

CVE-2016-5330

Exploit
  • EPSS 25.48%
  • Published 08.08.2016 01:59:16
  • Last modified 12.04.2025 10:46:40

Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x b...