Lucene search

K
VmwareFusion

12 matches found

CVE
CVE
added 2019/09/20 6:15 p.m.296 views

CVE-2019-5521

VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6) and Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain an out-of-bounds read vulnerability in the pixel shader functionality. Successful exploitation of th...

9.6CVSS8.7AI score0.00422EPSS
CVE
CVE
added 2017/06/08 1:29 p.m.163 views

CVE-2017-4901

The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion.

9.9CVSS7.3AI score0.20903EPSS
CVE
CVE
added 2024/03/05 6:15 p.m.137 views

CVE-2024-22252

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitat...

9.3CVSS9.5AI score0.00273EPSS
CVE
CVE
added 2024/03/05 6:15 p.m.110 views

CVE-2024-22253

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitat...

9.3CVSS9.5AI score0.00061EPSS
CVE
CVE
added 2019/04/02 3:29 p.m.86 views

CVE-2019-5524

VMware Workstation (14.x before 14.1.6) and Fusion (10.x before 10.1.6) contain an out-of-bounds write vulnerability in the e1000 virtual network adapter. This issue may allow a guest to execute code on the host.

9CVSS8.7AI score0.00808EPSS
CVE
CVE
added 2024/05/14 4:16 p.m.84 views

CVE-2024-22267

VMware Workstation and Fusion contain a use-after-free vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

9.3CVSS9.1AI score0.00114EPSS
CVE
CVE
added 2019/11/20 4:15 p.m.61 views

CVE-2019-5541

VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-servic...

9.1CVSS9.3AI score0.00744EPSS
CVE
CVE
added 2019/04/02 3:29 p.m.60 views

CVE-2019-5515

VMware Workstation (15.x before 15.0.3, 14.x before 14.1.6) and Fusion (11.x before 11.0.3, 10.x before 10.1.6) updates address an out-of-bounds write vulnerability in the e1000 and e1000e virtual network adapters. Exploitation of this issue may lead to code execution on the host from the guest but...

9CVSS8.7AI score0.01043EPSS
CVE
CVE
added 2011/10/07 8:55 p.m.54 views

CVE-2011-3868

Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image.

9.3CVSS6.9AI score0.19769EPSS
CVE
CVE
added 2012/06/14 8:55 p.m.54 views

CVE-2012-3288

VMware Workstation 7.x before 7.1.6 and 8.x before 8.0.4, VMware Player 3.x before 3.1.6 and 4.x before 4.0.4, VMware Fusion 4.x before 4.1.3, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 allow user-assisted remote attackers to execute arbitrary code on the host OS or cause a denial ...

9.3CVSS7.6AI score0.02027EPSS
CVE
CVE
added 2012/05/04 4:55 p.m.53 views

CVE-2012-2450

VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process c...

9CVSS9.7AI score0.01251EPSS
CVE
CVE
added 2012/05/04 4:55 p.m.51 views

CVE-2012-2449

VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x through 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly configure the virtual floppy device, which allows guest OS users to cause a denial of service (out-of-bounds write operat...

9CVSS9.7AI score0.02408EPSS