CVSS: 6.4EPSS: 0%CPEs: 21EXPL: 0CVE-2014-8370
https://notcve.org/view.php?id=CVE-2014-8370
VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file. VMware Workstation 10.x anterior a 10.0.5, VMware Player 6.x anterior a 6.0.5, VMware Fusion 6.x anterior a 6.0.5, y VMware ESXi 5.0 hasta 5.5 permiten a usuarios del sistema operativo anfitrión ganar privilegios del sistema operativo anfitrión o causar una denegación de servicio (escritura arbitraria a un fichero) mediante la modificación de un fichero de configuración. • http://jvn.jp/en/jp/JVN88252465/index.html http://jvndb.jvn.jp/jvndb/JVNDB-2015-000007 http://secunia.com/advisories/62551 http://secunia.com/advisories/62605 http://secunia.com/advisories/62669 http://www.securityfocus.com/bid/72338 http://www.securitytracker.com/id/1031642 http://www.securitytracker.com/id/1031643 http://www.vmware.com/security/advisories/VMSA-2015-0001.html https://exchange.xforce.ibmcloud.com/vulnerabilities/100933 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 4.3EPSS: 1%CPEs: 7EXPL: 0CVE-2014-4241
https://notcve.org/view.php?id=CVE-2014-4241
Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers to affect integrity via vectors related to WLS - Web Services. Vulnerabilidad no especificada en el componente Oracle WebLogic Server en Oracle Fusion Middleware 10.0.2.0 y 10.3.6.0 permite a atacantes remotos afectar la integridad a través de vectores relacionados con WLS - Web Services. • http://seclists.org/fulldisclosure/2014/Dec/23 http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html http://www.securityfocus.com/archive/1/534161/100/0/threaded http://www.securityfocus.com/bid/68649 http://www.vmware.com/security/advisories/VMSA-2014-0012.html https://exchange.xforce.ibmcloud.com/vulnerabilities/94559 •
CVSS: 5.8EPSS: 0%CPEs: 13EXPL: 0CVE-2014-3793
https://notcve.org/view.php?id=CVE-2014-3793
VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors. VMware Tools en VMware Workstation 10.x anterior a 10.0.2, VMware Player 6.x anterior a 6.0.2, VMware Fusion 6.x anterior a 6.0.3 y VMware ESXi 5.0 hasta 5.5, cuando un sistema operativo invitado de Windows 8.1 está utilizado, permite a usuarios del sistema operativo invitado ganar privilegios del sistema operativo invitado o causar una denegación de servicio (referencia a puntero nulo de kernel y caída del sistema operativo invitado) a través de vectores no especificados. • http://packetstormsecurity.com/files/126869/VMware-Security-Advisory-2014-0005.html http://secunia.com/advisories/58894 http://www.securityfocus.com/archive/1/532236/100/0/threaded http://www.securitytracker.com/id/1030310 http://www.securitytracker.com/id/1030311 http://www.vmware.com/security/advisories/VMSA-2014-0005.html •
CVSS: 4.3EPSS: 1%CPEs: 14EXPL: 0CVE-2014-1207
https://notcve.org/view.php?id=CVE-2014-1207
VMware ESXi 4.0 through 5.1 and ESX 4.0 and 4.1 allow remote attackers to cause a denial of service (NULL pointer dereference) by intercepting and modifying Network File Copy (NFC) traffic. VMWare ESXi 4.0 hasta 5.1 y ESX 4.0 y 4.1 permite a atacantes remotos causar una denegación de servicio (referencia a puntero nulo) interceptando y modificando tráfico Network File Copy (NFC). • http://osvdb.org/102196 http://secunia.com/advisories/56499 http://www.securityfocus.com/bid/64995 http://www.securitytracker.com/id/1029643 http://www.vmware.com/security/advisories/VMSA-2014-0001.html https://exchange.xforce.ibmcloud.com/vulnerabilities/90559 •
CVSS: 3.3EPSS: 0%CPEs: 17EXPL: 0CVE-2014-1208
https://notcve.org/view.php?id=CVE-2014-1208
VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port. VMware Workstation 9.x anteriores a 9.0.1, WMware Player 5.x anteriores a 5.0.1, VMware Fusion 5.x anteriores a 5.0.1, VMware ESXi 4.0 hasta 5.1, y WMware ESX 4.0 y 4.1 permite a usuarios invitado del sistema causar una denegación de servicio (ruptura de proceso VMX) utilizando un puerto inválido. • http://osvdb.org/102197 http://secunia.com/advisories/56499 http://www.securityfocus.com/bid/64994 http://www.securitytracker.com/id/1029643 http://www.securitytracker.com/id/1029644 http://www.vmware.com/security/advisories/VMSA-2014-0001.html https://exchange.xforce.ibmcloud.com/vulnerabilities/90558 •