CVE-2019-5544CISA KEVEPSS p99.9%

CVE-2019-5544VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability

VMware / VMware ESXi and Horizon DaaS

Description

VMware ESXi and Horizon Desktop as a Service (DaaS) OpenSLP contains a heap-based buffer overflow vulnerability that allows an attacker with network access to port 427 to overwrite the heap of the OpenSLP service to perform remote code execution.

Scoring

EPSS96.82% probability of exploitation · percentile 99.9% · 2026-06-15T12:03:41Z

CISA KEV entry

Added to KEV: 2021-11-03

(incoming)1

TypeTargetConfidenceTier
KEVEntryVMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerabilitykev-cve-2019-55440%live

Related by meaning· 6

Nearest entities by semantic similarity across the cs-graph corpus.

CVE
VMware ESXi OpenSLP Use-After-Free Vulnerability
CVE
CVE-2021-21974
CVE
VMware vCenter Server Heap-Based Buffer Overflow Vulnerability
CVE
CVE-2025-41238
CVE
VMware vCenter Server Out-of-Bounds Write Vulnerability
CVE
VMware ESXi, Workstation, and Fusion Information Disclosure Vulnerability
Sourced from NVD + CISA KEV + FIRST.org EPSS. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.