27 matches found
CVE-2017-4901
The drag-and-drop DnD function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion...
VMware ESXi updates address critical and moderate security issues (VMSA-2017-0006)
VMware ESXi updates address critical and moderate security issues. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2016-7083
VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service host OS memory corruption via TrueType fonts embedd...
spice: memory corruption in worker_update_monitors_config()
A race condition flaw, leading to a heap-based memory corruption, was found in spice's workerupdatemonitorsconfig function, which runs under the QEMU-KVM context on the host. A user in a guest could leverage this flaw to crash the host QEMU-KVM process or, possibly, execute arbitrary code with th...
UBUNTU-CVE-2014-0049
Buffer overflow in the completeemulatedmmio function in arch/x86/kvm/x86.c in the Linux kernel before 3.13.6 allows guest OS users to execute arbitrary code on the host OS by leveraging a loop that triggers an invalid memory copy affecting certain cancelworkitem data...
CVE-2012-6075
Buffer overflow in the e1000receive function in the e1000 device driver hw/e1000.c in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service guest OS crash and possibly execute arbitrary guest code via a large packet...
DEBIAN-CVE-2012-6075
Buffer overflow in the e1000receive function in the e1000 device driver hw/e1000.c in QEMU 1.3.0-rc2 and other versions, when the SBP and LPE flags are disabled, allows remote attackers to cause a denial of service guest OS crash and possibly execute arbitrary guest code via a large packet...