Vmware Vcenter Server Appliance — known CVE vulnerabilities
Every CVE whose affected-product data names Vmware Vcenter Server Appliance, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVE-2014-3790 — CVSS 9.0 (critical): Ruby vSphere Console (RVC) in VMware vCenter Server Appliance allows remote authenticated users to execute arbitrary commands as root by…
CVE-2013-3079 — CVSS 9.0 (critical): VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to execute arbitrary programs with root…
CVE-2013-3080 — CVSS 9.0 (critical): VMware vCenter Server Appliance (vCSA) 5.1 before Update 1 allows remote authenticated users to create or overwrite arbitrary files, and…
CVE-2012-6326 — CVSS 7.8 (high): VMware vCenter Server 4.1 before Update 3 and 5.0 before Update 2, and vCSA 5.0 before Update 2, allows remote attackers to cause a denial…
CVE-2013-1659 — CVSS 7.6 (high): VMware vCenter Server 4.0 before Update 4b, 5.0 before Update 2, and 5.1 before 5.1.0b; VMware ESXi 3.5 through 5.1; and VMware ESX 3.5…
CVE-2014-4258 — CVSS 6.5 (medium): Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote…
CVE-2014-8371 — CVSS 4.3 (medium): VMware vCenter Server Appliance (vCSA) 5.5 before Update 2, 5.1 before Update 3, and 5.0 before Update 3c does not properly validate…
CVE-2013-3107 — CVSS 4.3 (medium): VMware vCenter Server 5.1 before Update 1, when anonymous LDAP binding for Active Directory is enabled, allows remote attackers to bypass…
CVE-2014-3797 — CVSS 4.3 (medium): Cross-site scripting (XSS) vulnerability in VMware vCenter Server Appliance (vCSA) 5.1 before Update 3 allows remote attackers to inject…
CVE-2014-4241 — CVSS 4.3 (medium): Unspecified vulnerability in the Oracle WebLogic Server component in Oracle Fusion Middleware 10.0.2.0 and 10.3.6.0 allows remote attackers…
CVE-2012-6325 — CVSS 4.0 (medium): VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 does not properly parse XML documents, which allows remote authenticated users…
CVE-2012-6324 — CVSS 4.0 (medium): Directory traversal vulnerability in VMware vCenter Server Appliance (vCSA) 5.0 before Update 2 and 5.1 before Patch 1 allows remote…