Summary
| Detail | |||
|---|---|---|---|
| Vendor | Vmware | First view | 2008-11-10 |
| Product | Esxi | Last view | 2019-10-10 |
| Version | * | Type | Os |
| Update | * | ||
| Edition | * | ||
| Language | * | ||
| Sofware Edition | * | ||
| Target Software | * | ||
| Target Hardware | * | ||
| Other | * | ||
| CPE Product | cpe:2.3:o:vmware:esxi | ||
Activity : Overall
Related : CVE
| Date | Alert | Description | |
|---|---|---|---|
| 8.8 | 2019-10-10 | CVE-2019-5527 | ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5. |
| 8.8 | 2018-10-16 | CVE-2018-6974 | VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host. |
| 6.5 | 2018-07-25 | CVE-2018-6972 | VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. |
| 9.3 | 2008-11-10 | CVE-2008-4281 | Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-200810401-O-UG and ESX 3.5 before ESX350-200810201-UG allows administrators with the Datastore.FileManagement privilege to gain privileges via unknown vectors. |
CWE : Common Weakness Enumeration
| % | id | Name |
|---|---|---|
| 25% (1) | CWE-476 | NULL Pointer Dereference |
| 25% (1) | CWE-416 | Use After Free |
| 25% (1) | CWE-125 | Out-of-bounds Read |
| 25% (1) | CWE-22 | Improper Limitation of a Pathname to a Restricted Directory ('Path ... |
Open Source Vulnerability Database (OSVDB)
| id | Description |
|---|---|
| 49947 | VMware ESX / ESXi Datastore.FileManagement Unspecified Traversal Privilege Es... |
Nessus® Vulnerability Scanner
| id | Description |
|---|---|
| 2018-10-26 | Name: A virtualization application installed on the remote macOS or Mac OS X host i... File: macosx_fusion_vmsa_2018_0026.nasl - Type: ACT_GATHER_INFO |
| 2009-07-27 | Name: The remote VMware ESXi / ESX host is missing a security-related patch. File: vmware_VMSA-2008-0018.nasl - Type: ACT_GATHER_INFO |
