Page 2 of 17 results (0.013 seconds)

CVSS: 4.0EPSS: 0%CPEs: 101EXPL: 0

Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors. Vulnerabilidad no especificada en el controlador VMware Descheduled Time Accounting en VMware Workstation v6.5.1 y anteriores, VMware Player v2.5.1 y anteriores, VMware ACE v2.5.1 y anteriores, VMware Server v1.x anteriores a v1.0.9 build 156507 y v2.x anteriores a v2.0.1 build 156745, VMware Fusion v2.x anteriores a v2.0.2 build 147997, VMware ESXi v3.5, y VMware ESX v3.0.2, v3.0.3, y v3.5, cuando el servicio Descheduled Time Accounting no se está ejecutando, permite a usuarios invitados del sistema operativo en Windows provocar una denegación de servicio mediante vectores desconocidos. • http://secunia.com/advisories/35269 http://www.securityfocus.com/archive/1/503912/100/0/threaded http://www.securityfocus.com/bid/35141 http://www.securitytracker.com/id?1022300 http://www.vmware.com/security/advisories/VMSA-2009-0007.html http://www.vupen.com/english/advisories/2009/1452 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6130 •

CVSS: 6.8EPSS: 0%CPEs: 93EXPL: 0

Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916. Una vulnerabilidad no especificada en la función de pantalla de máquina virtual de en VMware Workstation v6.5.1 y anteriores; VMware Player v2.5.1 y anteriores; VMware ACE v2.5.1 y anteriores; VMware Server v1.x antes de la v1.0.9 build 156507 y v2.x antes de v2.0.1 build 156745; VMware Fusion antes de la v2.0.4 build 159196; VMware ESXi 3.5 y VMware ESX v3.0.2, v3.0.3 y v3.5 permite ejecutar, a los usuarios invitados, código arbitrario en el sistema operativo anfitrión a través de vectores desconocidos, una vulnerabilidad diferente a la CVE-2008-4916. • http://lists.vmware.com/pipermail/security-announce/2009/000055.html http://osvdb.org/53634 http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securityfocus.com/archive/1/502615/100/0/threaded http://www.securityfocus.com/bid/34471 http://www.securitytracker.com/id?1022031 http://www.vmware.com/security/advisories/VMSA-2009-0006.html http://www.vupen.com/english/advisories/2009/0944 https://exchange.xforce.ibmcloud.com/vulnerabilities/49834 https://oval.cisecurity.org •

CVSS: 4.6EPSS: 0%CPEs: 71EXPL: 0

Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (host OS crash) via unknown vectors. Vulnerabilidad no especificada en un controlado de dispositivo virtual invitado en VMware Workstation versiones anteriores a v5.5.9 build 126128, y v6.5.1 y versiones anteriores 6.x ; VMware Player versiones anteriores a v1.0.9 build 126128, y v2.5.1 y versiones anteriores 2.x; VMware ACE versiones anteriores a v1.0.8 build 125922, y v2.5.1 y versiones anteriores 2.x; VMware Server 1.x versiones anteriores a v1.0.8 build 126538 y 2.0.x versiones anteriores a v2.0.1 build 156745; VMware Fusion versiones anteriore a v2.0.1; VMware ESXi v3.5; y VMware ESX 3.0.2, v3.0.3, y v3.5 permite a usuarios del sistema operativo visitantes provocar una denegación de servicio (caída del sistema operativo host) a través de vectores desconocidos. • http://lists.vmware.com/pipermail/security-announce/2009/000054.html http://seclists.org/fulldisclosure/2009/Apr/0036.html http://security.gentoo.org/glsa/glsa-201209-25.xml http://www.securityfocus.com/bid/34373 http://www.securitytracker.com/id?1021973 http://www.vmware.com/security/advisories/VMSA-2009-0005.html http://www.vupen.com/english/advisories/2009/0944 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6439 •

CVSS: 9.3EPSS: 0%CPEs: 2EXPL: 0

Directory traversal vulnerability in VMWare ESXi 3.5 before ESXe350-200810401-O-UG and ESX 3.5 before ESX350-200810201-UG allows administrators with the Datastore.FileManagement privilege to gain privileges via unknown vectors. Vulnerabilidad de salto de directorio en VMWare ESXi 3.5 anterior a ESXe350-200810401-O-UG y ESX 3.5 anterior a ESX350-200810201-UG; permite a los administradores con el privilegio Datastore.FileManagement, ganar privilegios a través de vectores desconocidos. • http://lists.vmware.com/pipermail/security-announce/2008/000042.html http://secunia.com/advisories/32624 http://www.securityfocus.com/archive/1/498138/100/0/threaded http://www.securityfocus.com/bid/32172 http://www.securitytracker.com/id?1021155 http://www.vmware.com/security/advisories/VMSA-2008-0018.html http://www.vupen.com/english/advisories/2008/3052 https://exchange.xforce.ibmcloud.com/vulnerabilities/46418 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.ov • CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') •

CVSS: 6.9EPSS: 0%CPEs: 37EXPL: 0

Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file. Vulnerabilidad de ruta de búsqueda no confiable en vmware-authd en VMware Workstation versión 5.x anterior a 5.5.7 build 91707 y versión 6.x anterior a 6.0.4 build 93057, VMware Player versión 1.x anterior a 1.0.7 build 91707 y versión 2.x anterior a 2.0.4 build 93057, y VMware Server anterior a 1.0.6 build 91891 en Linux, y VMware ESXi versión 3.5 y VMware ESX versión 2.5.4 hasta 3.5, permite a los usuarios locales obtener privilegios por medio de una opción de path library en un archivo de configuración. • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713 http://secunia.com/advisories/30556 http://security.gentoo.org/glsa/glsa-201209-25.xml http://securityreason.com/securityalert/3922 http://securitytracker.com/id?1020198 http://www.securityfocus.com/archive/1/493080/100/0/threaded http://www.securityfocus.com/bid/29557 http://www.vmware.com/security/advisories/VMSA-2008-0009.html http://www.vupen.com/english/advisories/2008/1744 https://exchange.xforce.ibmcloud. •