Fusion@* Security Vulnerabilities and Issues — Fusion@* CVE List

Lucene search

VmwareFusion*

16 matches found

CVE•added 2018/01/04 1:29 p.m.•1018 views

CVE-2017-5753

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

5.6CVSS6.1AI score0.94332EPSS

CVE•added 2018/08/15 12:29 p.m.•142 views

CVE-2018-6973

VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. This issue may allow a guest to execute code on the host.

8.8CVSS8.7AI score0.00164EPSS

CVE•added 2018/10/16 8:0 p.m.•141 views

CVE-2018-6974

VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host.

8.8CVSS8.6AI score0.00064EPSS

CVE•added 2018/03/15 7:29 p.m.•125 views

CVE-2018-6957

VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled.

5.3CVSS5.1AI score0.00379EPSS

CVE•added 2018/12/04 2:29 p.m.•120 views

CVE-2018-6981

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below contain uninitialized stack memory usage in the vmx...

8.8CVSS8.7AI score0.09168EPSS

CVE•added 2018/12/04 2:29 p.m.•118 views

CVE-2018-6982

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest.

6.5CVSS7.2AI score0.00349EPSS

CVE•added 2018/07/25 1:29 p.m.•106 views

CVE-2018-6972

VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in R...

6.5CVSS6.3AI score0.03776EPSS

CVE•added 2018/07/09 8:29 p.m.•93 views

CVE-2018-6965

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user pri...

8.1CVSS7.4AI score0.00392EPSS

CVE•added 2018/10/09 8:29 p.m.•86 views

CVE-2018-6977

VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsi...

6.5CVSS6.3AI score0.0008EPSS

CVE•added 2018/07/09 8:29 p.m.•84 views

CVE-2018-6966

8.1CVSS7.4AI score0.00392EPSS

CVE•added 2018/07/09 8:29 p.m.•80 views

CVE-2018-6967

8.1CVSS7.4AI score0.00392EPSS

CVE•added 2018/05/22 1:29 p.m.•65 views

CVE-2018-6963

VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine...

5.5CVSS5.7AI score0.00064EPSS

CVE•added 2018/01/11 2:29 p.m.•62 views

CVE-2017-4950

VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues. Note: IPv6 mode for VMNAT is not enabled by defau...

7CVSS6.2AI score0.00047EPSS

CVE•added 2018/01/11 2:29 p.m.•61 views

CVE-2017-4949

VMware Workstation and Fusion contain a use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may allow a guest to execute code on the host. Note: IPv6 mode for VMNAT is not enabled by default.

7CVSS6.1AI score0.00071EPSS

CVE•added 2018/05/22 1:29 p.m.•49 views

CVE-2018-6962

VMware Fusion (10.x before 10.1.2) contains a signature bypass vulnerability which may lead to a local privilege escalation.

7.8CVSS6.2AI score0.00048EPSS

CVE•added 2018/11/27 5:29 p.m.•47 views

CVE-2018-6983

VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5) contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host.

8.8CVSS8.8AI score0.00058EPSS