Vulnerabilities > Vmware > Esxi > 5.5

DATE CVE VULNERABILITY TITLE RISK
2016-12-29 CVE-2016-7463 Cross-site Scripting vulnerability in VMWare Esxi 5.5/6.0
Cross-site scripting (XSS) vulnerability in the Host Client in VMware vSphere Hypervisor (aka ESXi) 5.5 and 6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted VM.
network
vmware CWE-79
3.5
3.5
2016-08-08 CVE-2016-5330 Untrusted Search Path vulnerability in VMWare products
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.
local
vmware CWE-426
4.4
4.4
2016-01-09 CVE-2015-6933 Improper Access Control vulnerability in VMWare products
The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors.
network
low complexity
vmware CWE-284
6.5
6.5
2015-01-29 CVE-2015-1044 Denial Of Service vulnerability in VMWare Esxi, Player and Workstation
vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors.
low complexity
vmware
3.3
3.3
2015-01-29 CVE-2014-8370 Permissions, Privileges, and Access Controls vulnerability in VMWare products
VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, VMware Fusion 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allow host OS users to gain host OS privileges or cause a denial of service (arbitrary write to a file) by modifying a configuration file.
network
low complexity
vmware CWE-264
6.4
6.4
2014-05-31 CVE-2014-3793 Local Privilege Escalation vulnerability in Multiple VMware Products
VMware Tools in VMware Workstation 10.x before 10.0.2, VMware Player 6.x before 6.0.2, VMware Fusion 6.x before 6.0.3, and VMware ESXi 5.0 through 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of service (kernel NULL pointer dereference and guest OS crash) via unspecified vectors.
low complexity
vmware
5.8
5.8
2013-12-23 CVE-2013-5973 Permissions, Privileges, and Access Controls vulnerability in VMWare ESX and Esxi
VMware ESXi 4.0 through 5.5 and ESX 4.0 and 4.1 allow local users to read or modify arbitrary files by leveraging the Virtual Machine Power User or Resource Pool Administrator role for a vCenter Server Add Existing Disk action with a (1) -flat, (2) -rdm, or (3) -rdmp filename.
local
vmware CWE-264
4.4
4.4