Vulnerabilities > Vmware > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2011-06-06 | CVE-2011-2146 | Information Exposure vulnerability in VMWare products mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors. | 2.1 |
| 2011-05-09 | CVE-2011-1788 | Information Exposure vulnerability in VMWare Vcenter 4.0/4.1 vCenter Server in VMware vCenter 4.0 before Update 3 and 4.1 before Update 1 allows local users to discover the SOAP session ID via unspecified vectors. | 2.1 |
| 2011-04-10 | CVE-2011-1681 | Configuration vulnerability in VMWare Open-Vm-Tools vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka open-vm-tools) 8.4.2-261024 and earlier attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to trigger corruption of this file via a process with a small RLIMIT_FSIZE value, a related issue to CVE-2011-1089. | 3.3 |
| 2011-02-16 | CVE-2010-2928 | Credentials Management vulnerability in VMWare Vcenter Server 4.1 The vCenter Tomcat Management Application in VMware vCenter Server 4.1 before Update 1 stores log-on credentials in a configuration file, which allows local users to gain privileges by reading this file. | 2.1 |
| 2010-09-28 | CVE-2010-3277 | Permissions, Privileges, and Access Controls vulnerability in VMWare Player and Workstation The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file. | 2.1 |
| 2009-04-06 | CVE-2009-0518 | Information Exposure vulnerability in VMWare Esx, VMWare Esxi and VMWare Virtualcenter VI Client in VMware VirtualCenter before 2.5 Update 4, VMware ESXi 3.5 before Update 4, and VMware ESX 3.5 before Update 4 retains the VirtualCenter Server password in process memory, which might allow local users to obtain this password. | 2.1 |
| 2008-10-06 | CVE-2008-4278 | Information Exposure vulnerability in VMWare Virtualcenter VMware VirtualCenter 2.5 before Update 3 build 119838 on Windows displays a user's password in cleartext when the password contains unspecified special characters, which allows physically proximate attackers to steal the password. | 2.1 |
| 2008-09-03 | CVE-2008-2101 | Information Exposure vulnerability in VMWare ESX The VMware Consolidated Backup (VCB) command-line utilities in VMware ESX 3.0.1 through 3.0.3 and ESX 3.5 place a password on the command line, which allows local users to obtain sensitive information by listing the process. | 2.1 |
| 2007-10-13 | CVE-2007-5438 | Improper Input Validation vulnerability in VMWare products Unspecified vulnerability in a certain ActiveX control in Reconfig.DLL in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server before 1.0.7 build 108231 might allow local users to cause a denial of service to the Virtual Disk Mount Service (vmount2.exe), related to the ConnectPopulatedDiskEx function. | 1.9 |
| 2007-02-07 | CVE-2007-0832 | Information Disclosure vulnerability in VMWare Workstation 5.5.3Build34685 VMware Workstation 5.5.3 34685 does not immediately change the availability of a shared clipboard when the "Enable copy and paste to and from this virtual machine" checkbox is changed, which allows local users to obtain sensitive information or conduct certain attacks that are facilitated by weaker isolation between the host and guest operating systems. | 1.2 |