213 matches found
CVE-2008-2100
CVE-2008-2100 corresponds to VMware VIX API Multiple Buffer Overflow Vulnerabilities (VMSA-2008-0009). It affects VIX API 1.1.x before 1.1.4 build 93057 across host products (VMware Workstation 5.x/6.x, VMware Player 1.x/2.x, VMware ACE 2.x, VMware Server 1.x, VMware Fusion 1.x, VMware ESXi 3.5, ...
CVE-2017-5753
CVE-2017-5753 is part of the Spectre family (Variant 1) described in the SPECTRE_MELTDOWN_ADVISORY: it involves speculative execution and a bounds-check bypass that can enable an unprivileged attacker to read privileged memory via cache timing analysis. IBM’s AIX/VIOS advisories and iFixes addres...
CVE-2025-22226
CVE-2025-22226 affects VMware ESXi, Workstation, and Fusion via an out-of-bounds read in HGFS, allowing a VM-guest with local admin rights to leak memory from the vmx host process (information disclosure). Connected sources corroborate three related VMware flaws (CVE-2025-22224, CVE-2025-22225) a...
CVE-2019-5527
CVE-2019-5527 is a use-after-free in the virtual sound device affecting VMware ESXi, Workstation, Fusion, VMRC and Horizon Client. The issue allows a local attacker with low privileges on a guest to potentially execute code on the host, with impact on confidentiality, integrity and availability d...
CVE-2025-22224
CVE-2025-22224 refers to a TOCTOU race condition in VMware ESXi/Workstation that can cause an out-of-bounds write. IBM’s security bulletin ties this to Broadcom VMware ESXi vulnerabilities and details that a local admin within a VM can exploit the vulnerability to run code in the host’s VMX proce...
CVE-2013-3519
CVE-2013-3519 concerns a privilege-escalation flaw in VMware’s LGTOSYNC.SYS driver. A crafted memory allocation could allow a guest OS user to gain guest-OS privileges on 32-bit Windows guests. Affected products/versions (per VMSA-2013-0014 and associated advisories): VMware Workstation 9.x befor...
CVE-2022-31705
CVE-2022-31705 is a heap out-of-bounds write in the USB 2.0 EHCI controller affecting VMware ESXi, Workstation, and Fusion. A local administrator within a guest VM can exploit this to execute code in the VMX process on the host; on ESXi the exploit is contained within the VMX sandbox, while on Wo...
CVE-2021-22045
The CVE-2021-22045 vulnerability is a heap overflow in CD-ROM device emulation affecting multiple VMware products: ESXi (versions 6.5, 6.7, 7.0), Workstation (16.x up to 16.2.0), and Fusion (12.x up to 12.2.0). The underlying issue is a heap overflow in the CD-ROM device emulation, which could en...
CVE-2019-5521
CVE-2019-5521 is an out-of-bounds read vulnerability in VMware's pixel shader pipeline affecting ESXi, Workstation, and Fusion. Exploitation requires access to a VM with 3D graphics enabled and can lead to information disclosure or a host DoS; ESXi mitigations are not enabled by default, while Wo...
CVE-2010-1205
CVE-2010-1205 is a buffer overflow in libpng (pngpread.c) that could allow remote code execution via a crafted PNG image. Affected libpng versions are prior to 1.2.44 and prior to 1.4.3. The overflow is tied to the internal copy in pngpread.c and is described across advisories mentioning memory c...
CVE-2020-3999
CVE-2020-3999 affects VMware ESXi (7.0 with patch ESXi70U1c-17325551), VMware Workstation (16.x before 16.0 and 15.x before 15.5.7), VMware Fusion (12.x before 12.0 and 11.x before 11.5.7) and VMware Cloud Foundation. The vulnerability is a denial of service caused by improper input validation in...
CVE-2023-20872
CVE-2023-20872 affects VMware Workstation and VMware Fusion, describing an out-of-bounds read/write vulnerability in the SCSI CD/DVD device emulation. The issue can allow a guest VM with a CD/DVD drive configured to use a virtual SCSI controller to execute code on the host hypervisor, implying po...
CVE-2020-3951
CVE-2020-3951 describes a heap-overflow DoS in Cortado Thinprint affecting VMware Workstation 15.x (prior to 15.5.2) and Horizon Client for Windows 5.x (prior to 5.4.0). Exploitation requires non-administrative access to a guest VM with virtual printing enabled and targets the Thinprint service o...
CVE-2019-5543
CVE-2019-5543 affects VMware Horizon Client for Windows (5.x and earlier), VMware Remote Console for Windows (10.x before 11.0.0), and VMware Workstation for Windows (15.x before 15.5.2). Root cause: the folder with the VMware USB arbitration service configuration was writable by all users, enabl...
CVE-2020-3947
Summary: CVE-2020-3947 affects VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2). The issue is a use-after vulnerability in the vmnetdhcp component that can allow a guest to impact the host. Exploitation may lead to code execution on the host from the guest or cause a...
CVE-2024-22255
CVE-2024-22255 is an information disclosure vulnerability in the UHCI USB controller affecting VMware ESXi, Workstation, and Fusion. A malicious actor with administrative access inside a guest VM can leak memory from the VMX process, potentially exposing sensitive data. The issue is documented wi...
CVE-2021-22041
CVE-2021-22041 is a double-fetch vulnerability in the UHCI USB controller affecting VMware ESXi, Workstation, and Fusion. The flaw allows a malicious actor with local VM-level administrative privileges to execute code as the VMX process running on the host, via isochronous USB endpoints. Red Hat ...
CVE-2020-4004
CVE-2020-4004 is a use-after-free in the XHCI USB controller affecting VMware ESXi (7.0 before ESXi70U1b-17168206; 6.7 before ESXi670-202011101-SG; 6.5 before ESXi650-202011301-SG), VMware Workstation (15.x before 15.5.7), and VMware Fusion (11.x before 11.5.7). The underlying issue allows a mali...
CVE-2019-5525
CVE-2019-5525 is a use-after-free vulnerability in the ALSA backend of VMware Workstation. In the Linux host context, a malicious user with normal guest-privilege can exploit the issue (in combination with other issues) to execute arbitrary code on the host. Affected are VMware Workstation 15.x p...
CVE-2017-4901
The CVE-2017-4901 entry relates to VMware Workstation 12.x (before 12.5.4) and VMware Fusion 8.x (before 8.5.5), where the drag-and-drop (DnD) function has an out-of-bounds memory access vulnerability. The cited sources describe a potential for a guest operating system to execute code on the host...
CVE-2023-20869
CVE-2023-20869 is a stack-based buffer overflow in VMware Workstation 17.x and VMware Fusion 13.x related to sharing host Bluetooth devices with the VM. Public reports and Vulners-derived references confirm this vulnerability, which can allow a local attacker with VM-level privileges to execute c...
CVE-2024-22252
Summary of CVE-2024-22252 : VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges inside a VM can exploit this to execute code as the VMX process on the host; on ESXi the effect is contained w...
CVE-2018-6974
CVE-2018-6974 describes an out-of-bounds read in the SVGA device affecting VMware ESXi (various older builds), VMware Workstation (14.x before 14.1.3), and VMware Fusion (10.x before 10.1.3). The issue could allow a guest to execute code on the host due to SVGA parsing/reading flaws. Affected pro...
CVE-2024-22251
VMware Workstation and Fusion contain an out-of-bounds read in the USB CCID (chip card interface device). A malicious actor with local administrative privileges inside a VM may trigger an out-of-bounds read, leading to information disclosure. Publicly documented impact and remediation are tied to...
CVE-2018-6973
CVE-2018-6973 affects VMware Workstation 14.x prior to 14.1.3 and VMware Fusion 10.x prior to 10.1.3. The vulnerability is an out-of-bounds write in the e1000 device that may allow a guest to execute code on the host. ZDI notes that exploitation requires the attacker to run code on the guest (loc...
CVE-2020-3981
CVE-2020-3981 affects VMware products (ESXi, Workstation, Fusion) with an out-of-bounds read caused by a TOCTOU in the ACPI device. An attacker with VM-level admin access can leak memory from the vmx process. CVE-2020-3982 is a related out-of-bounds write in the same ACPI TOCTOU path, potentially...
CVE-2012-3569
CVE-2012-3569 is a format-string vulnerability in VMware OVF Tool 2.1 on Windows (affecting VMware Workstation 8.x before 8.0.5, VMware Player 4.x before 4.0.5, and related products). The flaw arises during OVF file parsing, enabling a attacker to achieve arbitrary code execution via a crafted OV...
CVE-2018-6981
CVE-2018-6981 describes an uninitialized stack memory issue in the vmxnet3 virtual network adapter that could allow a guest to execute code on the host. Affected VMware products include ESXi 6.7 (without ESXi670-201811401-BG), ESXi 6.5 (without ESXi650-201811301-BG), ESXi 6.0 (without ESXi600-201...
CVE-2013-1406
CVE-2013-1406 affects VMware VMCI in vmci.sys across VMware Workstation (8.x before 8.0.5; 9.x before 9.0.1), VMware Fusion (4.1 before 4.1.4; 5.0 before 5.0.2), VMware View (4.x before 4.6.2; 5.x before 5.1.2), VMware ESXi/ESX (4.0–5.1). Root cause: improper restriction of memory allocation by V...
CVE-2010-2249
CVE-2010-2249 affects libpng: memory leak in pngrutil.c when processing certain PNG chunks (notably sCAL). Versions affected are libpng before 1.2.44 and 1.4.x before 1.4.3; exploitation can cause a denial of service via memory consumption and application crash. Remediation per connected sources ...
CVE-2019-5519
CVE-2019-5519 describes a TOCTOU vulnerability in the virtual USB 1.1 UHCI on VMware products. A guest VM with a virtual USB controller can potentially execute code on the host. Affected: VMware ESXi (various 6.x versions), Workstation (14.x/15.x), and Fusion (10.x/11.x) before the patched builds...
CVE-2024-22253
CVE-2024-22253 is a use-after-free in the UHCI USB controller affecting VMware ESXi, Workstation, and Fusion. A malicious actor with local VM admin privileges can exploit it to execute code as the VMX process on the host; on ESXi this is contained within the VMX sandbox, while Workstation/Fusion ...
CVE-2019-5518
CVE-2019-5518 concerns an out-of-bounds read/write in the virtual USB 1.1 UHCI for VMware products. A guest VM with a virtual USB controller can potentially execute code on the host. Affected: VMware ESXi (6.0/6.5/6.7), Workstation (14.x/15.x), and Fusion (10.x/11.x). Root cause: out-of-bounds ac...
CVE-2017-4941
CVE-2017-4941 affects VMware products: ESXi 6.0 (pre-ESXi600-201711101-SG) and ESXi 5.5 (pre-ESXi550-201709101-SG); Workstation 12.x (pre-12.5.8); and Fusion 8.x (pre-8.5.9). The vulnerability is a stack overflow in the remote management function triggered by a specific set of VNC packets, which ...
CVE-2015-6933
CVE-2015-6933 affects VMware Tools HGFS across VMware Workstation (11.x prior to 11.1.2), VMware Player (7.x prior to 7.1.2), VMware Fusion (7.x prior to 7.1.2), and VMware ESXi (5.0–6.0). Root cause: HGFS/shared folders component vulnerability leading to guest OS privilege escalation or guest ke...
CVE-2018-6982
CVE-2018-6982 affects VMware ESXi 6.5 and 6.7 (and related VMware products) due to uninitialized stack memory usage in the vmxnet3 virtual network adapter, which may leak information from host to guest when vmxnet3 is enabled. The Connected documents corroborate that ESXi 6.7 requires ESXi670-201...
CVE-2009-1244
CVE-2009-1244 is a VMware-hosted products issue where a guest OS could execute code on the host via the virtual machine display function. Affected products include VMware Server/Player/Workstation and related hosted ESX/ESXi components (as described in the CVE record). The root cause is described...
CVE-2023-34044
CVE-2023-34044 is an out-of-bounds read vulnerability in VMware Workstation 17.x before 17.5 and VMware Fusion 13.x before 13.5, in the Bluetooth host-device sharing function. A local attacker with VM privileges can read sensitive information from hypervisor memory. No exploit details are provide...
CVE-2017-4945
CVE-2017-4945 affects VMware Workstation (14.x, 12.x), Fusion (10.x, 8.x) and VMware Tools. Root cause: guest access control weakness that may allow code execution via Unity on locked Windows VMs. Affected components/versions: VMware Tools prior to 10.2.0; Tools 10.2.0 fixes this issue and is pac...
CVE-2009-2267
CVE-2009-2267 affects VMware products (Workstation, Player, ACE, Server, Fusion, ESXi/ESX) where Virtual-8086 mode is used. The root cause is an improper setting of the exception code on a page fault (#PF), allowing guest OS users to gain privileges on the guest OS by supplying a crafted value fo...
CVE-2009-4811
CVE-2009-4811 describes a remote denial-of-service in VMware Authorization Service (vmware-authd) via a crafted sequence in USER and PASS that crashes the process. Affected products include VMware Workstation 7.0 (before 7.0.1 build 227600), VMware Workstation 6.5.x (before 6.5.4 build 246459), V...
CVE-2018-6972
Summary of CVE-2018-6972 details from provided documents : VMware products — ESXi (versions listed as affected before certain update bundles), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) — are affected by a denial-of-service vulnerability due to a NULL pointer dereference in...
CVE-2020-3963
CVE-2020-3963 affects VMware ESXi (7.0 pre-7.0.0-1.20.16321839; 6.7 pre-670-202006401-SG; 6.5 pre-650-202005401-SG), Workstation 15.x pre-15.5.2, and Fusion 11.x pre-11.5.2 with a use-after-free in PVNVRAM that could allow a local attacker with VM access to read privileged memory. VMware’s VMSA-2...
CVE-2024-22273
CVE-2024-22273 affects VMware ESXi, Workstation, and Fusion storage controllers, with an out-of-bounds read/write flaw that may let a VM-adjacent attacker cause a denial of service or, in conjunction with other issues, execute code on the hypervisor. Exploitation is described as local (requires a...
CVE-2015-1043
Affected products and component: VMware HGFS in Workstation 10.x (before 10.0.5), VMware Player 6.x (before 6.0.5), and VMware Fusion 6.x (before 6.0.5) and 7.x (before 7.0.1). Vulnerability and impact: HGFS input validation flaw that allows guest OS users to cause a guest OS denial of service. T...
CVE-2020-3964
CVE-2020-3964 is an information-leak vulnerability in the EHCI USB controller affecting VMware products. A local attacker with access to a guest VM can read privileged information from the hypervisor memory, under conditions described by VMware and Red Hat/CNVD disclosures. Affected are: ESXi 7.0...
CVE-2019-5526
Summary: CVE-2019-5526 affects VMware Workstation (15.x before 15.1.0). The issue is a DLL hijacking flaw where certain DLLs are loaded improperly, notably involving shfolder.dll and SHGetFolderPathW. Impact: successful exploitation can escalate from normal user privileges to administrator on a W...
CVE-2023-20854
VMware Workstation 17.x (before 17.0.1) is affected by CVE-2023-20854, an arbitrary file deletion vulnerability that requires local privileges. The issue arises in VMware Workstation and can lead to deletion of arbitrary files on the host running the product. Remediation is to update to version 1...
CVE-2020-3965
CVE-2020-3965 affects VMware ESXi, Workstation, and Fusion, describing an information-leak in the XHCI USB controller that could let a local VM attacker read privileged information from hypervisor memory. Affected: ESXi 7.0 (pre-1.20.16321839), 6.7 (pre-670-202006401-SG), 6.5 (pre-650-202005401-S...
CVE-2020-3958
CVE-2020-3958 affects VMware products (ESXi, Workstation, Fusion): a denial-of-service in the shader functionality. A non-administrative attacker with access to a VM may crash the vmx process, causing a DoS. Affected versions include ESXi 6.7 prior to 670-202004101-SG and ESXi 6.5 prior to 650-20...