27 matches found
CVE-2021-22040
Vulnerability CVE-2021-22040 affects VMware ESXi, Workstation, and Fusion due to a use-after-free in the XHCI USB controller. The issue lets a malicious actor with local VM admin privileges execute code as the host VMX process running on the host. This is a host-level impact triggered from within...
CVE-2017-4924
CVE-2017-4924 is a VMware SVGA out-of-bounds write vulnerability that can allow a guest VM to execute code on the host. Affected products and versions (per provided docs): ESXi 6.5 prior to patch ESXi650-201707101-SG; VMware Workstation 12.x prior to 12.5.7; VMware Fusion 8.x prior to 8.5.8. The ...
CVE-2018-6957
CVE-2018-6957 affects VMware Workstation Pro/Player (14.x prior to 14.1.1; 12.x) and VMware Fusion (10.x prior to 10.1.1 and 8.x). The vulnerability is a denial-of-service that can be triggered by opening a large number of VNC sessions; exploitation requires VNC to be manually enabled. Public-fac...
CVE-2017-4905
CVE-2017-4905 affects VMware ESXi (multiple versions) and VMware Workstation/Fusion up to specific builds, caused by uninitialized memory usage that could leak information. Connected documents provide concrete details: affected products/versions, the root cause (uninitialized memory), and impact ...
CVE-2017-4925
CVE-2017-4925 is a NULL pointer dereference vulnerability that occurs when handling guest RPC requests, enabling a locally authenticated attacker with normal user privileges to crash affected VMs. Affected products/versions include VMware ESXi 6.5 (without patch ESXi650-201707101-SG), 6.0 (withou...
CVE-2017-4903
CVE-2017-4903 corresponds to an uninitialized stack memory usage in SVGA affecting VMware products. Affected: ESXi 6.5 and older 6.x/5.5 builds listed as without patches (e.g., ESXi650-201703410-SG; ESXi600-201703401-SG; ESXi600-201703403-SG; ESXi600-201703402-SG; ESXi550-201703401-SG); Workstati...
CVE-2017-4915
Summary (validated data): CVE-2017-4915 is a local privilege-escalation vulnerability in VMware Workstation Pro/Player on Linux caused by insecure loading of libraries via the ALSA sound driver configuration files (.asoundrc). The issue allows unprivileged host users to elevate privileges to root...
CVE-2017-4902
CVE-2017-4902 refers to a Heap Buffer Overflow in SVGA that can allow a guest to execute code on the host. Affected products are: VMware ESXi 6.5 (without patch ESXi650-201703410-SG) and ESXi 5.5 (without patch ESXi550-201703401-SG); VMware Workstation Pro/Player 12.x before 12.5.5; VMware Fusion...
CVE-2016-5330
CVE-2016-5330 describes a local privilege-escalation in VMware HGFS (Shared Folders) where a Trojan horse DLL loaded from the current working directory or other insecure paths can be executed with the rights of the affected guest/user. The vulnerability affects multiple VMware products and versio...
CVE-2017-4933
Summary: CVE-2017-4933 affects VMware ESXi (6.5 prior to ESXi650-201710401-BG), VMware Workstation (12.x prior to 12.5.8), and VMware Fusion (8.x prior to 8.5.9). It describes a heap overflow in the VNC component that can be triggered by a specific set of VNC packets in an authenticated VNC sessi...
CVE-2017-4904
CVE-2017-4904 concerns VMware products with uninitialized memory usage in the XHCI controller, potentially allowing a guest to execute code on the host. Affected: VMware ESXi (versions 5.5 and later) without patches ESXi650-201703410-SG, ESXi600-201703401-SG, ESXi600-201703403-SG, ESXi600-2017034...
CVE-2016-7461
CVE-2016-7461 affects VMware desktop products via a drag-and-drop (DnD) and copy-paste (CnP) memory handling bug in the DnD/CnP RPC path. The issue allows a guest OS user to execute arbitrary code on the host or cause a host DoS through an out-of-bounds memory access. Affected: VMware Workstation...
CVE-2020-3990
VMware Workstation (15.x) and Horizon Client for Windows (5.x prior to 5.4.4) are affected by CVE-2020-3990 due to an integer overflow in Cortado ThinPrint. A local attacker with access to a guest VM can exploit this to disclose memory from the TPView process, only if virtual printing is enabled ...
CVE-2020-3988
CVE-2020-3988 affects VMware Workstation 15.x and Horizon Client for Windows 5.x (pre-5.4.4). The issue is an out-of-bounds read in the Cortado ThinPrint JPEG2000 parser, which can allow a local attacker with VM access to cause a partial DoS or leak memory from TPView. Evidence from multiple sour...
CVE-2020-3986
CVE-2020-3986 affects VMware Workstation 15.x and Horizon Client for Windows 5.x (before 5.4.4). The issue is an out-of-bounds read in the Cortado ThinPrint EMF Parser, allowing a user with normal access to a VM to cause partial DoS or memory leakage in the TPView process. Modes of exploitation a...
CVE-2017-4898
CVE-2017-4898 affects VMware Workstation Pro/Player 12.x prior to 12.5.3. The issue is a DLL loading vulnerability in the vmware-vmx process caused by loading DLLs from a path defined in a local environment variable, which may allow a local attacker to escalate privileges to SYSTEM on the host. V...
CVE-2020-3987
CVE-2020-3987 is an out-of-bounds read vulnerability in the Cortado ThinPrint EMR STRETCHDIBITS parser affecting VMware Workstation 15.x and Horizon Client for Windows older than 5.4.4. A malicious actor with normal access to a guest VM may trigger a partial DoS or leak memory from the TPView pro...
CVE-2017-4899
VMware Workstation Pro/Player 12.x prior to 12.5.3 contains a vulnerability in the SVGA driver (CVE-2017-4899) that can crash the guest VM or trigger an out-of-bounds read. Exploitation is described as local (within a VM) and is conditioned on the host lacking graphics hardware/drivers. The issue...
CVE-2016-7083
CVE-2016-7083 — VMware Workstation/Player 12.x prior to 12.5.0 (Windows) is vulnerable when Cortado ThinPrint virtual printing is enabled. The flaw stems from handling TrueType fonts embedded in EMFSPOOL, which could let a guest OS user execute arbitrary code on the host or trigger a host memory ...
CVE-2017-4916
CVE-2017-4916 is a NULL pointer dereference in the vstor2 driver affecting VMware Workstation Pro/Player (12.x). Public sources document denial-of-service via local exploitation on Windows hosts with normal user privileges. Several references tie the issue to VMware Workstation 12.x before 12.5.5...
CVE-2016-7082
CVE-2016-7082 affects VMware Workstation Pro 12.x and Workstation Player 12.x on Windows prior to 12.5.0 when Cortado ThinPrint virtual printing is enabled. The issue stems from improper handling of EMF files in tpview.dll, causing memory corruption and enabling arbitrary code execution on the ho...
CVE-2016-7084
CVE-2016-7084 affects VMware Workstation Pro 12.x and VMware Workstation Player 12.x on Windows (pre-12.5.0) where tpview.dll handles Cortado ThinPrint virtual printing. The root issue allows a guest OS user to trigger arbitrary code execution on the host or cause host memory corruption via a JPE...
CVE-2020-3989
VMware Workstation 15.x and Horizon Client for Windows (5.x before 5.4.4) are affected by CVE-2020-3989 due to an out-of-bounds write in the Cortado ThinPrint component. This enables a local attacker with VM access to trigger a partial denial-of-service if virtual printing is enabled (not default...
CVE-2017-4900
VMware Workstation Pro/Player 12.x prior to 12.5.3 contains a NULL pointer dereference in the SVGA driver. The issue allows a local attacker with normal user privileges to crash the guest VM (and potentially disrupt host stability). VMware’s VMSA-2017-0003 documents three related CVEs (including ...
CVE-2016-7085
CVE-2016-7085 describes an untrusted search path vulnerability in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, enabling local privilege escalation via a Trojan horse DLL placed in an unspecified directory. The initial description states th...
CVE-2016-7086
The CVE-2016-7086 issue affects VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows. The root cause is a Trojan horse setup64.exe placed in the installation directory, enabling local privilege escalation for attackers with local access. The public...
CVE-2016-7081
VMware Workstation 12.x (both Pro and Player) before 12.5.0 is affected by multiple heap-based buffer overflow vulnerabilities in Cortado ThinPrint handling, allowing a guest OS user to cause host code execution. CVEs include CVE-2016-7081 through CVE-2016-7086; impact is local, with potential ar...