Vulnerability Monitor

The vendors, products, and vulnerabilities you care about
esx Vendor: vmware

About This Product

esx is a software product developed by vmware, a major technology provider with a global presence in enterprise and consumer markets. This product is widely deployed in production environments, making vulnerability monitoring essential for organizations relying on it. Security vulnerabilities in products of this category can affect system availability, data confidentiality, and integrity across entire networks. The significant number of reported vulnerabilities indicates this product has received substantial security scrutiny and community focus over time. Regular assessment of known vulnerabilities and timely patching are fundamental components of responsible system administration for any deployment of this software.

Vulnerability Landscape Summary

SecUtils has identified 86 known vulnerabilities affecting vmware esx. This includes 3 critical-severity issues and 42 high-severity issues that warrant immediate attention. Vulnerabilities in this product have been disclosed spanning from 2003 to 2014, indicating a sustained research interest and ongoing security attention. 36 medium-severity issues and 5 low-severity issues complete the vulnerability landscape. Organizations should prioritize patching based on deployment context, asset criticality, and exploitation likelihood rather than severity alone.

Known Vulnerabilities
ID Date Published Last Modified Severity (CVSSv3) Severity (CVSSv2) Exploit Available
CVE-2003-1291 2003-12-31 2025-04-03 - 7.2 Unknown
CVE-2005-4583 2005-12-29 2025-04-03 - 4.3 Likely
CVE-2005-3618 2005-12-31 2025-04-03 - 7.6 Unknown
CVE-2005-3619 2005-12-31 2025-04-03 - 6.8 Likely
CVE-2005-3620 2005-12-31 2025-04-03 - 2.1 Unknown
CVE-2005-4773 2005-12-31 2025-04-03 - 4.9 Unknown
CVE-2006-3589 2006-07-21 2025-04-03 - 3.6 Unknown
CVE-2006-2481 2006-07-31 2025-04-03 - 5.0 Likely
CVE-2007-1270 2007-04-06 2025-04-09 - 5.0 Likely
CVE-2007-1271 2007-04-06 2025-04-09 - 6.6 Unknown
CVE-2007-0061 2007-09-21 2025-04-09 - 10.0 Likely
CVE-2007-0063 2007-09-21 2025-04-09 - 10.0 Likely
CVE-2007-5360 2008-01-08 2025-04-09 - 7.5 Likely
CVE-2007-5671 2008-06-05 2025-04-09 - 4.4 Unknown
CVE-2008-0967 2008-06-05 2025-04-09 - 6.9 Unknown
CVE-2008-2097 2008-06-05 2025-04-09 - 9.0 Likely
CVE-2008-2100 2008-06-05 2025-04-09 - 7.2 Unknown
CVE-2008-3281 2008-08-27 2025-04-09 6.5 4.3 Likely
CVE-2008-2101 2008-09-03 2025-04-09 - 2.1 Unknown
CVE-2008-4279 2008-10-06 2025-04-09 - 6.8 Unknown
CVE-2008-4281 2008-11-10 2025-04-09 - 9.3 Likely
CVE-2008-4915 2008-11-10 2025-04-09 - 6.9 Unknown
CVE-2008-4917 2008-12-09 2025-04-09 - 7.2 Unknown
CVE-2009-0034 2009-01-30 2025-04-09 7.8 6.9 Unknown
CVE-2008-4914 2009-02-03 2025-04-09 - 4.7 Unknown
CVE-2009-0778 2009-03-12 2025-04-09 - 7.1 Likely
CVE-2009-1072 2009-03-25 2025-04-09 - 4.9 Unknown
CVE-2009-1244 2009-04-13 2025-04-09 - 6.8 Unknown
CVE-2009-1630 2009-05-14 2025-04-09 - 4.4 Unknown
CVE-2009-1805 2009-06-01 2025-04-09 - 4.0 Unknown
CVE-2009-2416 2009-08-11 2025-04-09 6.5 4.3 Likely
CVE-2009-2848 2009-08-18 2025-04-09 - 5.9 Unknown
CVE-2009-3621 2009-10-22 2025-04-09 5.5 4.9 Unknown
CVE-2009-2267 2009-11-02 2025-04-09 - 6.9 Unknown
CVE-2009-3733 2009-11-02 2025-04-09 - 5.0 Likely
CVE-2009-3547 2009-11-04 2025-04-09 7.0 6.9 Unknown
CVE-2009-3080 2009-11-20 2025-04-09 - 7.2 Unknown
CVE-2010-1141 2010-04-12 2025-04-11 - 8.5 Unknown
CVE-2010-1142 2010-04-12 2025-04-11 - 8.5 Unknown
CVE-2010-2066 2010-09-08 2025-04-11 5.5 2.1 Unknown
CVE-2010-2492 2010-09-08 2025-04-11 7.8 7.2 Unknown
CVE-2010-2524 2010-09-08 2025-04-11 7.8 4.6 Unknown
CVE-2010-2798 2010-09-08 2025-04-11 7.8 7.2 Unknown
CVE-2010-2942 2010-09-21 2025-04-11 5.5 2.1 Unknown
CVE-2010-3078 2010-09-21 2025-04-11 5.5 2.1 Unknown
CVE-2010-3081 2010-09-24 2025-04-11 7.8 7.2 Unknown
CVE-2010-2943 2010-09-30 2025-04-11 8.1 6.4 Likely
CVE-2010-4297 2010-12-06 2025-04-11 - 7.2 Unknown
CVE-2010-4343 2010-12-29 2025-04-11 5.5 4.7 Unknown
CVE-2010-4526 2011-01-11 2025-04-11 - 7.1 Likely
CVE-2010-4263 2011-01-18 2025-04-11 - 7.9 Unknown
CVE-2011-0355 2011-02-17 2025-04-11 - 7.8 Likely
CVE-2010-3609 2011-03-11 2025-04-11 - 5.0 Likely
CVE-2011-1785 2011-05-03 2025-04-11 - 7.8 Likely
CVE-2011-1786 2011-05-03 2025-04-11 - 5.0 Likely
CVE-2011-1789 2011-05-09 2025-04-11 - 5.0 Likely
CVE-2010-4251 2011-05-26 2025-04-11 7.5 7.8 Likely
CVE-2011-1787 2011-06-06 2025-04-11 - 6.9 Unknown
CVE-2011-2145 2011-06-06 2025-04-11 - 6.3 Unknown
CVE-2011-2146 2011-06-06 2025-04-11 - 2.1 Unknown
CVE-2010-4655 2011-07-18 2025-04-11 5.5 2.1 Unknown
CVE-2012-1508 2012-03-16 2025-04-11 - 7.2 Unknown
CVE-2012-1510 2012-03-16 2025-04-11 - 7.2 Unknown
CVE-2012-1515 2012-04-02 2025-04-11 - 8.3 Unknown
CVE-2012-1518 2012-04-17 2025-04-11 - 8.3 Unknown
CVE-2012-1516 2012-05-04 2025-04-11 9.9 9.0 Likely
CVE-2012-1517 2012-05-04 2025-04-11 - 9.0 Likely
CVE-2012-2448 2012-05-04 2025-04-11 - 7.5 Likely
CVE-2012-2449 2012-05-04 2025-04-11 - 9.0 Likely
CVE-2012-2450 2012-05-04 2025-04-11 - 9.0 Likely
CVE-2012-3288 2012-06-14 2025-04-11 - 9.3 Likely
CVE-2012-3289 2012-06-14 2025-04-11 - 7.8 Likely
CVE-2012-1666 2012-09-08 2025-04-11 - 6.9 Unknown
CVE-2012-5703 2012-11-20 2025-04-11 - 5.0 Likely
CVE-2013-1406 2013-02-11 2025-04-11 - 7.2 Unknown
CVE-2013-1405 2013-02-15 2025-04-11 - 10.0 Likely
CVE-2013-1661 2013-09-04 2025-04-11 - 4.3 Likely
CVE-2013-3657 2013-09-10 2025-04-11 - 7.5 Likely
CVE-2013-3658 2013-09-10 2025-04-11 - 9.4 Likely
CVE-2013-5970 2013-10-21 2025-04-11 - 7.1 Likely
CVE-2013-3519 2013-12-04 2025-04-11 - 7.9 Unknown
CVE-2013-5973 2013-12-23 2025-04-11 - 4.4 Unknown
CVE-2014-1207 2014-01-17 2025-04-11 - 4.3 Likely
CVE-2014-1208 2014-01-17 2025-04-11 - 3.3 Unknown
CVE-2014-6271 2014-09-24 2025-10-22 9.8 10.0 Likely
CVE-2014-7169 2014-09-25 2025-10-22 9.8 10.0 Likely

How SecUtils Interprets Product Data

SecUtils normalizes and enriches National Vulnerability Database (NVD) records for vmware esx by standardizing vendor and product identifiers, aggregating vulnerability metadata from both NVD and MITRE sources, and structuring the data for rapid analysis and asset correlation. For every vulnerability listed, we extract Common Platform Enumeration (CPE) data, Common Weakness Enumeration (CWE) classifications, CVSS severity metrics, and reference information to enable organizations to prioritize patching and risk assessment efficiently. This record contains no exploit code, proof-of-concept instructions, or attack methodologies—only defensive intelligence necessary for vulnerability management and security operations.