39 matches found
VMware Workstation and VMware Fusion Denial of Service Vulnerability (CNVD-2020-41588)
VMware Workstation is a desktop virtual computing software from VMware with Windows and Linux versions. VMware Fusion is a virtual machine hypervisor developed by VMware for Macintosh computers. A denial of service vulnerability exists in the RPC handler in VMware Workstation version 15.x prior t...
CVE-2019-5542
VMware Workstation 15.x before 15.5.1 and Fusion 11.x before 11.5.1 contain a denial-of-service vulnerability in the RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM...
CVE-2019-5542
VMware Workstation 15.x before 15.5.1 and Fusion 11.x before 11.5.1 contain a denial-of-service vulnerability in the RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM...
CVE-2019-5542
CVE-2019-5542 affects VMware Workstation 15.x (before 15.5.1) and VMware Fusion 11.x (before 11.5.1). It is a denial‑of‑service vulnerability in the RPC handler that can be exploited by a user with normal privileges to cause a DoS on their own VM. VMware provides fixed versions: Workstation 15.5....
VMware Workstation 15.0.x < 15.5.1 Multiple Vulnerabilities (VMSA-2019-0020, VMSA-2019-0021)
The version of VMware Workstation installed on the remote Windows host is 15.0.x prior to 15.5.1. It is, therefore, affected by multiple vulnerabilities: - An unspecified information disclosure vulnerability in vmnetdhcp. CVE-2019-5540 - An unspecified out-of-bounds write vulnerability in the...
VMware Fusion 11.0.x < 11.5.1 Multiple Vulnerabilities (VMSA-2019-0020, VMSA-2019-0021)
The version of VMware Fusion installed on the remote macOS or Mac OS X host is 11.0.x prior to 11.5.1. It is, therefore, affected by multiple vulnerabilities: - An unspecified information disclosure vulnerability in vmnetdhcp. CVE-2019-5540 - An unspecified out-of-bounds write vulnerability in th...
KLA12121 Multiple vulnerabilities in VMware Workstation and Player
Multiple vulnerabilities were found in VMware Workstation and Player. Malicious users can exploit these vulnerabilities to cause denial of service, obtain sensitive information. Below is a complete list of vulnerabilities: 1. A denial of service vulnerability in the RPC handler can be exploited t...
VMSA-2018-0018 : VMware Horizon View Agent, VMware ESXi, Workstation, and Fusion updates resolve multiple security issues
a. VMware Horizon View Agent local information disclosure vulnerability VMware Horizon View Agents contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during...
Null pointer dereference
VMware ESXi 6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG, Workstation 14.x before 14.1.2, and Fusion 10.x before 10.1.2 contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC...
CVE-2018-6972
VMware ESXi 6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG, Workstation 14.x before 14.1.2, and Fusion 10.x before 10.1.2 contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC...
CVE-2018-6972
Summary of CVE-2018-6972 details from provided documents : VMware products — ESXi (versions listed as affected before certain update bundles), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) — are affected by a denial-of-service vulnerability due to a NULL pointer dereference in...
CVE-2018-6972
VMware ESXi 6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG, Workstation 14.x before 14.1.2, and Fusion 10.x before 10.1.2 contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC...
CVE-2018-6963
VMware Workstation 14.x before 14.1.2 and Fusion 10.x before 10.1.2 contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine...
Null pointer dereference
VMware Workstation 14.x before 14.1.2 and Fusion 10.x before 10.1.2 contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine...
CVE-2018-6963
VMware Workstation 14.x before 14.1.2 and Fusion 10.x before 10.1.2 contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine...
CVE-2018-6963
CVE-2018-6963 affects VMware Workstation 14.x (pre-14.1.2) and VMware Fusion 10.x (pre-10.1.2). The root cause is a NULL pointer dereference in the RPC handler, enabling a local attacker with limited guest privileges to cause a denial of service on the guest OS. Connected advisories corroborate m...
CVE-2018-6963
VMware Workstation 14.x before 14.1.2 and Fusion 10.x before 10.1.2 contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine...
GLSA-200712-18 : Multi-Threaded DAAP Daemon: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-200712-18 Multi-Threaded DAAP Daemon: Multiple vulnerabilities nnp discovered multiple vulnerabilities in the XML-RPC handler in the file webserver.c. The wsaddarg function contains a format string vulnerability, as it does not...
RHN Satellite xmlrpc flaw
Unspecified vulnerability in Red Hat Network Satellite Server 5.0.0 allows remote authenticated users to execute arbitrary code via unknown vectors in a "back-end XMLRPC handler."...