Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
VmwareWorkstation

213 matches found

CVE
CVEadded 2008/06/05 8:32 p.m.1420 views

CVE-2008-2100

Multiple buffer overflows in VIX API 1.1.x before 1.1.4 build 93057 on VMware Workstation 5.x and 6.x, VMware Player 1.x and 2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, and VMware ESX 3.0.1 through 3.5 allow guest OS users to execute arbitrary code on the host OS via...

7.2CVSS7.3AI score0.00153EPSS
CVE
CVEadded 2018/01/04 1:29 p.m.1018 views

CVE-2017-5753

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

5.6CVSS6.1AI score0.94332EPSS
CVE
CVEadded 2025/03/04 12:15 p.m.708 views

CVE-2025-22226

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process.

7.1CVSS7.7AI score0.0362EPSS
CVE
CVEadded 2019/10/10 5:15 p.m.690 views

CVE-2019-5527

ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5.

8.8CVSS8.6AI score0.00034EPSS
CVE
CVEadded 2025/03/04 12:15 p.m.455 views

CVE-2025-22224

VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

9.3CVSS9.3AI score0.37103EPSS
CVE
CVEadded 2013/12/04 6:56 p.m.406 views

CVE-2013-3519

lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs a ...

7.9CVSS6.5AI score0.0017EPSS
CVE
CVEadded 2019/09/20 6:15 p.m.296 views

CVE-2019-5521

VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6) and Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain an out-of-bounds read vulnerability in the pixel shader functionality. Successful exploitation of th...

9.6CVSS8.7AI score0.00422EPSS
CVE
CVEadded 2022/01/04 10:15 p.m.284 views

CVE-2021-22045

VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtual machine with CD-ROM device emulation may be ab...

7.8CVSS7.6AI score0.02945EPSS
CVE
CVEadded 2020/12/21 4:15 p.m.248 views

CVE-2020-3999

VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo. A malicio...

6.5CVSS6.2AI score0.00117EPSS
CVE
CVEadded 2023/04/25 9:15 p.m.242 views

CVE-2023-20872

VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.

8.8CVSS8.5AI score0.00772EPSS
CVE
CVEadded 2020/03/17 7:15 p.m.239 views

CVE-2020-3951

VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows (5.x and prior before 5.4.0) contain a denial-of-service vulnerability due to a heap-overflow issue in Cortado Thinprint. Attackers with non-administrative access to a guest VM with virtual printing enabled may exploit this issu...

3.8CVSS4.5AI score0.00118EPSS
CVE
CVEadded 2020/03/16 6:15 p.m.234 views

CVE-2019-5543

For VMware Horizon Client for Windows (5.x and prior before 5.3.0), VMware Remote Console for Windows (10.x before 11.0.0), VMware Workstation for Windows (15.x before 15.5.2) the folder containing configuration files for the VMware USB arbitration service was found to be writable by all users. A l...

7.8CVSS8.2AI score0.00034EPSS
CVE
CVEadded 2022/12/14 7:15 p.m.227 views

CVE-2022-31705

VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESX...

8.2CVSS8.4AI score0.01301EPSS
CVE
CVEadded 2024/03/05 6:15 p.m.220 views

CVE-2024-22255

VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability in the UHCI USB controller. A malicious actor with administrative access to a virtual machine may be able to exploit this issue to leak memory from the vmx process.

7.1CVSS7.7AI score0.02945EPSS
CVE
CVEadded 2020/03/16 6:15 p.m.209 views

CVE-2020-3947

VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 11.5.2) contain a use-after vulnerability in vmnetdhcp. Successful exploitation of this issue may lead to code execution on the host from the guest or may allow attackers to create a denial-of-service condition of the vmnetdhcp service...

8.8CVSS8.7AI score0.00449EPSS
CVE
CVEadded 2022/02/16 5:15 p.m.209 views

CVE-2021-22041

VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host.

6.7CVSS7.1AI score0.01396EPSS
CVE
CVEadded 2020/11/20 8:15 p.m.182 views

CVE-2020-4004

VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a...

8.2CVSS7.8AI score0.00208EPSS
CVE
CVEadded 2019/06/06 7:29 p.m.180 views

CVE-2019-5525

VMware Workstation (15.x before 15.1.0) contains a use-after-free vulnerability in the Advanced Linux Sound Architecture (ALSA) backend. A malicious user with normal user privileges on the guest machine may exploit this issue in conjunction with other issues to execute code on the Linux host where ...

8.8CVSS8.7AI score0.00101EPSS
CVE
CVEadded 2023/04/25 10:15 p.m.159 views

CVE-2023-20869

VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.

8.2CVSS8.4AI score0.0226EPSS
CVE
CVEadded 2017/06/08 1:29 p.m.155 views

CVE-2017-4901

The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion.

9.9CVSS7.3AI score0.20903EPSS
CVE
CVEadded 2018/08/15 12:29 p.m.142 views

CVE-2018-6973

VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. This issue may allow a guest to execute code on the host.

8.8CVSS8.7AI score0.00164EPSS
CVE
CVEadded 2018/10/16 8:0 p.m.141 views

CVE-2018-6974

VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host.

8.8CVSS8.6AI score0.00064EPSS
CVE
CVEadded 2010/06/30 6:30 p.m.140 views

CVE-2010-1205

Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row.

9.8CVSS9.9AI score0.17033EPSS
CVE
CVEadded 2024/03/05 6:15 p.m.137 views

CVE-2024-22252

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitat...

9.3CVSS9.5AI score0.00327EPSS
CVE
CVEadded 2012/11/14 12:30 p.m.131 views

CVE-2012-3569

Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and other products, allows user-assisted remote attackers to execute arbitrary code via a crafted OVF file.

9.3CVSS7.4AI score0.80635EPSS
CVE
CVEadded 2020/10/20 5:15 p.m.130 views

CVE-2020-3981

VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device. A malicious actor with administrat...

5.8CVSS6.2AI score0.00204EPSS
CVE
CVEadded 2019/04/01 9:30 p.m.125 views

CVE-2019-5519

VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain a Time-of-check Time-of-use (TOCTOU) vulnerability in the virtual USB 1.1 UHCI (Unive...

7.2CVSS7.5AI score0.00565EPSS
CVE
CVEadded 2019/04/01 9:30 p.m.122 views

CVE-2019-5518

VMware ESXi (6.7 before ESXi670-201903001, 6.5 before ESXi650-201903001, 6.0 before ESXi600-201903001), Workstation (15.x before 15.0.4, 14.x before 14.1.7), Fusion (11.x before 11.0.3, 10.x before 10.1.6) contain an out-of-bounds read/write vulnerability in the virtual USB 1.1 UHCI (Universal Host...

7.2CVSS7.5AI score0.00952EPSS
CVE
CVEadded 2013/02/11 10:55 p.m.121 views

CVE-2013-1406

The Virtual Machine Communication Interface (VMCI) implementation in vmci.sys in VMware Workstation 8.x before 8.0.5 and 9.x before 9.0.1 on Windows, VMware Fusion 4.1 before 4.1.4 and 5.0 before 5.0.2, VMware View 4.x before 4.6.2 and 5.x before 5.1.2 on Windows, VMware ESXi 4.0 through 5.1, and V...

7.2CVSS6.3AI score0.00743EPSS
CVE
CVEadded 2018/12/04 2:29 p.m.120 views

CVE-2018-6981

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below contain uninitialized stack memory usage in the vmx...

8.8CVSS8.7AI score0.09168EPSS
CVE
CVEadded 2018/12/04 2:29 p.m.118 views

CVE-2018-6982

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest.

6.5CVSS7.2AI score0.00349EPSS
CVE
CVEadded 2017/12/20 3:29 p.m.117 views

CVE-2017-4941

VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successful exploitation of this...

8.8CVSS8.7AI score0.04776EPSS
CVE
CVEadded 2016/01/09 2:59 a.m.112 views

CVE-2015-6933

The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel...

6.5CVSS6.1AI score0.01813EPSS
CVE
CVEadded 2024/03/05 6:15 p.m.110 views

CVE-2024-22253

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. On ESXi, the exploitat...

9.3CVSS9.5AI score0.00045EPSS
CVE
CVEadded 2009/04/13 4:30 p.m.108 views

CVE-2009-1244

Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ES...

6.8CVSS6.8AI score0.00588EPSS
CVE
CVEadded 2009/11/02 3:30 p.m.108 views

CVE-2009-2267

VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VM...

6.9CVSS6.6AI score0.03225EPSS
CVE
CVEadded 2018/01/05 2:29 p.m.107 views

CVE-2017-4945

VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a guest access control vulnerability. This issue may allow program execution via Unity on locked Windows VMs. VMware Tools must be updated to 10.2.0 for each VM to resolve CVE-2017-4945. VMware Tools 10.2.0 is consumed by Workstat...

5.5CVSS5.9AI score0.00062EPSS
CVE
CVEadded 2023/10/20 9:15 a.m.107 views

CVE-2023-34044

VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-boundsread vulnerability that exists in the functionality for sharing hostBluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtualmachine may be able to re...

7.1CVSS6AI score0.00058EPSS
CVE
CVEadded 2018/07/25 1:29 p.m.106 views

CVE-2018-6972

VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in R...

6.5CVSS6.3AI score0.03776EPSS
CVE
CVEadded 2010/06/30 6:30 p.m.105 views

CVE-2010-2249

Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks.

6.5CVSS7.4AI score0.01567EPSS
CVE
CVEadded 2020/06/25 3:15 p.m.103 views

CVE-2020-3964

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller. A malicious actor with local access to a virtual machine ...

4.7CVSS5.5AI score0.00123EPSS
CVE
CVEadded 2024/02/29 1:44 a.m.103 views

CVE-2024-22251

VMware Workstation and Fusion contain an out-of-bounds read vulnerability in the USB CCID (chip card interface device). A malicious actor with local administrative privileges on a virtual machine may trigger an out-of-bounds read leading to information disclosure.

5.9CVSS5.4AI score0.0006EPSS
CVE
CVEadded 2020/06/25 3:15 p.m.102 views

CVE-2020-3963

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM. A malicious actor with local access to a virtual machine may b...

5.5CVSS5.9AI score0.00119EPSS
CVE
CVEadded 2015/01/29 6:59 p.m.100 views

CVE-2015-1043

The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a guest OS denial of service via unspecified vectors.

3.3CVSS3.6AI score0.00197EPSS
CVE
CVEadded 2024/05/21 6:15 p.m.100 views

CVE-2024-22273

The storage controllers on VMware ESXi, Workstation, and Fusion have out-of-bounds read/write vulnerability. A malicious actor with access to a virtual machine with storage controllers enabled may exploit this issue to create a denial of service condition or execute code on the hypervisor from a vi...

8.1CVSS7.1AI score0.00229EPSS
CVE
CVEadded 2010/04/27 3:30 p.m.98 views

CVE-2009-4811

VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600...

5CVSS6.4AI score0.16891EPSS
CVE
CVEadded 2020/06/25 3:15 p.m.98 views

CVE-2020-3965

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine ...

5.5CVSS6AI score0.0006EPSS
CVE
CVEadded 2020/05/29 8:15 p.m.97 views

CVE-2020-3958

VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2) contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with non...

5.5CVSS5.4AI score0.00095EPSS
CVE
CVEadded 2018/07/09 8:29 p.m.93 views

CVE-2018-6965

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user pri...

8.1CVSS7.4AI score0.00392EPSS
CVE
CVEadded 2019/04/15 6:29 p.m.89 views

CVE-2019-5520

VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6), Fusion (11.x before 11.0.3 and 10.x before 10.1.6) updates address an out-of-bounds read vulnerability. Exploitation of this issue requires an attacker to have ac...

5.9CVSS5.8AI score0.0023EPSS
Total number of security vulnerabilities213