CVE-2016-7458
- EPSS 0.45%
- Published 29.12.2016 09:59:00
- Last modified 12.04.2025 10:46:40
VMware vSphere Client 5.5 before U3e and 6.0 before U2a allows remote vCenter Server and ESXi instances to read arbitrary files via an XML document containing an external entity declaration in conjunction with an entity reference, related to an XML E...
CVE-2014-1209
- EPSS 4.13%
- Published 11.04.2014 19:55:04
- Last modified 12.04.2025 10:46:40
VMware vSphere Client 4.0, 4.1, 5.0 before Update 3, and 5.1 before Update 2 does not properly validate updates to Client files, which allows remote attackers to trigger the downloading and execution of an arbitrary program via unspecified vectors.
CVE-2014-1210
- EPSS 0.18%
- Published 11.04.2014 19:55:04
- Last modified 12.04.2025 10:46:40
VMware vSphere Client 5.0 before Update 3 and 5.1 before Update 2 does not properly validate X.509 certificates, which allows man-in-the-middle attackers to spoof SSL servers via a crafted certificate.
- EPSS 0.9%
- Published 15.02.2013 12:09:29
- Last modified 11.04.2025 00:51:21
VMware vCenter Server 4.0 before Update 4b and 4.1 before Update 3a, VMware VirtualCenter 2.5, VMware vSphere Client 4.0 before Update 4b and 4.1 before Update 3a, VMware VI-Client 2.5, VMware ESXi 3.5 through 4.1, and VMware ESX 3.5 through 4.1 do n...