Workstation Security Vulnerabilities and Issues — Workstation CVE List

Lucene search

VmwareWorkstation

15 matches found

CVE•added 2017/06/08 1:29 p.m.•155 views

CVE-2017-4901

The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. This may allow a guest to execute code on the operating system that runs Workstation or Fusion.

9.9CVSS7.3AI score0.20903EPSS

CVE•added 2017/12/20 3:29 p.m.•117 views

CVE-2017-4941

VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successful exploitation of this...

8.8CVSS8.7AI score0.04776EPSS

CVE•added 2017/09/15 1:29 p.m.•83 views

CVE-2017-4925

VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC reque...

5.5CVSS6AI score0.00058EPSS

CVE•added 2017/06/08 1:29 p.m.•57 views

CVE-2017-4912

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that ru...

7.8CVSS6.7AI score0.00066EPSS

CVE•added 2017/06/08 1:29 p.m.•56 views

CVE-2017-4910

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstat...

7.8CVSS6.7AI score0.00066EPSS

CVE•added 2017/06/08 1:29 p.m.•55 views

CVE-2017-4913

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstat...

7.8CVSS6.5AI score0.00057EPSS

CVE•added 2017/06/08 1:29 p.m.•54 views

CVE-2017-4909

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain a heap buffer-overflow vulnerability in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Work...

7.8CVSS6.5AI score0.00066EPSS

CVE•added 2017/11/17 2:29 p.m.•53 views

CVE-2017-4938

VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a guest RPC NULL pointer dereference vulnerability. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.

6.5CVSS7.1AI score0.00046EPSS

CVE•added 2017/11/17 2:29 p.m.•51 views

CVE-2017-4935

VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds write vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Worksta...

7.8CVSS7.9AI score0.00063EPSS

CVE•added 2017/11/17 2:29 p.m.•51 views

CVE-2017-4936

VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstat...

7.8CVSS8.2AI score0.00051EPSS

CVE•added 2017/06/08 1:29 p.m.•50 views

CVE-2017-4911

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds write vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Worksta...

7.8CVSS6.8AI score0.00066EPSS

CVE•added 2017/06/08 1:29 p.m.•48 views

CVE-2017-4908

VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workst...

7.8CVSS6.8AI score0.00066EPSS

CVE•added 2017/11/17 2:29 p.m.•48 views

CVE-2017-4934

VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a heap buffer-overflow vulnerability in VMNAT device. This issue may allow a guest to execute code on the host.

8.8CVSS8.6AI score0.00047EPSS

CVE•added 2017/11/17 9:29 p.m.•47 views

CVE-2017-4939

VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. This issue may allow an attacker to load a DLL file of the attacker's choosing that could execute arbitrary code.

7.8CVSS8.2AI score0.00173EPSS

CVE•added 2017/11/17 2:29 p.m.•43 views

CVE-2017-4937

7.8CVSS8.2AI score0.00063EPSS