Vulnerabilities > Vmware > Esxi

DATE CVE VULNERABILITY TITLE RISK
2020-04-29 CVE-2020-3955 Cross-site Scripting vulnerability in VMWare Esxi 6.5/6.7
ESXi 6.5 without patch ESXi650-201912104-SG and ESXi 6.7 without patch ESXi670-202004103-SG do not properly neutralize script-related HTML when viewing virtual machines attributes.
network
low complexity
vmware CWE-79
critical
 9.3
9.3
2019-12-06 CVE-2019-5544 Out-of-bounds Write vulnerability in multiple products
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue.
network
low complexity
vmware redhat openslp fedoraproject CWE-787
critical
 9.8
9.8
2019-10-28 CVE-2019-5536 Unspecified vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi (6.7 before ESXi670-201908101-SG and 6.5 before ESXi650-201910401-SG), Workstation (15.x before 15.5.0) and Fusion (11.x before 11.5.0) contain a denial-of-service vulnerability in the shader functionality.
network
low complexity
vmware
6.5
6.5
2019-10-10 CVE-2019-5527 Use After Free vulnerability in VMWare products
ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device.
local
low complexity
vmware CWE-416
8.8
8.8
2019-09-20 CVE-2019-5521 Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6) and Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain an out-of-bounds read vulnerability in the pixel shader functionality.
network
low complexity
vmware CWE-125
critical
 9.6
9.6
2019-09-18 CVE-2019-5531 Insufficient Session Expiration vulnerability in VMWare Esxi, Vcenter Server and Vsphere Esxi
VMware vSphere ESXi (6.7 prior to ESXi670-201810101-SG, 6.5 prior to ESXi650-201811102-SG, and 6.0 prior to ESXi600-201807103-SG) and VMware vCenter Server (6.7 prior to 6.7 U1b, 6.5 prior to 6.5 U2b, and 6.0 prior to 6.0 U3j) contain an information disclosure vulnerability in clients arising from insufficient session expiration.
network
low complexity
vmware CWE-613
5.4
5.4
2019-07-11 CVE-2019-5528 Unspecified vulnerability in VMWare Esxi 6.5/6.7
VMware ESXi 6.5 suffers from partial denial of service vulnerability in hostd process.
network
low complexity
vmware
5.3
5.3
2019-04-15 CVE-2019-5520 Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds read vulnerability.
network
high complexity
vmware CWE-125
5.9
5.9
2019-04-15 CVE-2019-5517 Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain multiple out-of-bounds read vulnerabilities in the shader translator.
network
high complexity
vmware CWE-125
6.8
6.8
2019-04-15 CVE-2019-5516 Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds vulnerability with the vertex shader functionality.
network
high complexity
vmware CWE-125
6.8
6.8