CVSS: 6.5EPSS: 0%CPEs: 71EXPL: 0CVE-2008-4916
https://notcve.org/view.php?id=CVE-2008-4916
06 Apr 2009 — Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (ho... • http://lists.vmware.com/pipermail/security-announce/2009/000054.html •
CVSS: 7.5EPSS: 9%CPEs: 41EXPL: 2CVE-2009-0177 – VMware 2.5.1 - 'VMware-authd' Remote Denial of Service
https://notcve.org/view.php?id=CVE-2009-0177
20 Jan 2009 — vmwarebase.dll, as used in the vmware-authd service (aka vmware-authd.exe), in VMware Workstation 6.5.1 build 126130, 6.5.1 and earlier; VMware Player 2.5.1 build 126130, 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 2.0.x before 2.0.1 build 156745; and VMware Fusion before 2.0.2 build 147997 allows remote attackers to cause a denial of service (daemon crash) via a long (1) USER or (2) PASS command. En la biblioteca vmwarebase.dll, tal y como es usado en el servicio vmware-authd (también se... • https://www.exploit-db.com/exploits/7647 • CWE-399: Resource Management Errors •
CVSS: 7.5EPSS: 10%CPEs: 10EXPL: 0CVE-2008-3697
https://notcve.org/view.php?id=CVE-2008-3697
31 Aug 2008 — An unspecified ISAPI extension in VMware Server before 1.0.7 build 108231 allows remote attackers to cause a denial of service (IIS crash) via a malformed request. Una extensión ISAPI sin especificar en VMware Server versiones anteriores a 1.0.7 build 108231 permite a atacantes remotos provocar una denegación de servicio (caída IIS) a través de peticiones mal formadas. • http://lists.grok.org.uk/pipermail/full-disclosure/2008-August/064118.html • CWE-20: Improper Input Validation •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1CVE-2008-3761 – VMware Workstation 6.5.1 - 'hcmon.sys 6.0.0.45731' Local Denial of Service
https://notcve.org/view.php?id=CVE-2008-3761
21 Aug 2008 — hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 uses the METHOD_NEITHER communication method for IOCTLs, which allows local users to cause a denial of service via a crafted IOCTL request. hcmon.sys en VMware Workstation 6.0.0.45731 utiliza el método de comunicación METHOD_NEITHER para IOCTLs, lo cual tiene un impacto desconocido (posiblemente caída) y vector... • https://www.exploit-db.com/exploits/6262 • CWE-20: Improper Input Validation •
CVSS: 7.8EPSS: 0%CPEs: 37EXPL: 0CVE-2008-0967
https://notcve.org/view.php?id=CVE-2008-0967
05 Jun 2008 — Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file. Vulnerabilidad de ruta de búsqueda no confiable en vmware-authd en VMware Workstation versión 5.x ante... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713 •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2007-5671
https://notcve.org/view.php?id=CVE-2007-5671
05 Jun 2008 — HGFS.sys in the VMware Tools package in VMware Workstation 5.x before 5.5.6 build 80404, VMware Player before 1.0.6 build 80404, VMware ACE before 1.0.5 build 79846, VMware Server before 1.0.5 build 80187, and VMware ESX 2.5.4 through 3.0.2 does not properly validate arguments in user-mode METHOD_NEITHER IOCTLs to the \\.\hgfs device, which allows guest OS users to modify arbitrary memory locations in guest kernel memory and gain privileges. HGFS.sys en el VMware Tools package en VMware Workstation 5.x ante... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=712 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 12EXPL: 0CVE-2008-2098
https://notcve.org/view.php?id=CVE-2008-2098
31 May 2008 — Heap-based buffer overflow in the VMware Host Guest File System (HGFS) in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, VMware ACE 2 before 2.0.2 build 93057, and VMware Fusion before 1.1.2 build 87978, when folder sharing is used, allows guest OS users to execute arbitrary code on the host OS via unspecified vectors. Un desbordamiento de búfer en la región heap de la memoria en el VMware Host Guest File System (HGFS) en VMware Workstation versiones 6 anteriores a ... • http://secunia.com/advisories/30476 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 11EXPL: 0CVE-2008-2099
https://notcve.org/view.php?id=CVE-2008-2099
31 May 2008 — Unspecified vulnerability in VMCI in VMware Workstation 6 before 6.0.4 build 93057, VMware Player 2 before 2.0.4 build 93057, and VMware ACE 2 before 2.0.2 build 93057 on Windows allows guest OS users to execute arbitrary code on the host OS via unspecified vectors. Vulnerabilidad no especificada en VMCI en VMware Workstation versiones 6 anteriores a 6.0.4 build 93057, VMware Player versiones 2 anteriores a 2.0.4 build 93057 y VMware ACE versiones 2 anteriores a 2.0.2 build 93057 en Windows, permite a los u... • http://secunia.com/advisories/30476 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 10.0EPSS: 1%CPEs: 4EXPL: 0CVE-2008-1392
https://notcve.org/view.php?id=CVE-2008-1392
20 Mar 2008 — The default configuration of VMware Workstation 6.0.2, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 makes the console of the guest OS accessible through anonymous VIX API calls, which has unknown impact and attack vectors. La configuración por defecto de VMware Workstation 6.0.2, VMware Player versiones 2.0.x anteriores a 2.0.3, y VMware ACE versiones 2.0.x anteriores a 2.0.1 permite el acceso a la consola del sistema operativo cliente mediante llamadas anónimas a la interfaz de progr... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-16: Configuration •
CVSS: 7.5EPSS: 4%CPEs: 21EXPL: 0CVE-2008-1340
https://notcve.org/view.php?id=CVE-2008-1340
19 Mar 2008 — Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.0.x before 6.0.3, VMware Player 2.0.x before 2.0.3, and VMware ACE 2.0.x before 2.0.1 allows attackers to cause a denial of service (host OS crash) via crafted VMCI calls that trigger "memory exhaustion and memory corruption." Virtual Machine Communication Interface (VMCI) en VMware Workstation versiones 6.0.x anteriores a 6.0.3, VMware Player versiones 2.0.x anterirores a 2.0.3, y VMware ACE versiones 2.0.x anteriores a 2.0.1 permite a ... • http://lists.vmware.com/pipermail/security-announce/2008/000008.html • CWE-399: Resource Management Errors •