Workstation Security Vulnerabilities and Issues — Workstation CVE List

Lucene search

VmwareWorkstation

17 matches found

CVE•added 2018/01/04 1:29 p.m.•1018 views

CVE-2017-5753

Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.

5.6CVSS6.1AI score0.94332EPSS

CVE•added 2018/08/15 12:29 p.m.•142 views

CVE-2018-6973

VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. This issue may allow a guest to execute code on the host.

8.8CVSS8.7AI score0.00164EPSS

CVE•added 2018/10/16 8:0 p.m.•141 views

CVE-2018-6974

VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host.

8.8CVSS8.6AI score0.00064EPSS

CVE•added 2018/12/04 2:29 p.m.•120 views

CVE-2018-6981

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below contain uninitialized stack memory usage in the vmx...

8.8CVSS8.7AI score0.09168EPSS

CVE•added 2018/12/04 2:29 p.m.•118 views

CVE-2018-6982

VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest.

6.5CVSS7.2AI score0.00349EPSS

CVE•added 2018/01/05 2:29 p.m.•107 views

CVE-2017-4945

VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a guest access control vulnerability. This issue may allow program execution via Unity on locked Windows VMs. VMware Tools must be updated to 10.2.0 for each VM to resolve CVE-2017-4945. VMware Tools 10.2.0 is consumed by Workstat...

5.5CVSS5.9AI score0.00062EPSS

CVE•added 2018/07/25 1:29 p.m.•106 views

CVE-2018-6972

VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in R...

6.5CVSS6.3AI score0.03776EPSS

CVE•added 2018/07/09 8:29 p.m.•93 views

CVE-2018-6965

VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user pri...

8.1CVSS7.4AI score0.00392EPSS

CVE•added 2018/10/09 8:29 p.m.•86 views

CVE-2018-6977

VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsi...

6.5CVSS6.3AI score0.0008EPSS

CVE•added 2018/07/09 8:29 p.m.•84 views

CVE-2018-6966

8.1CVSS7.4AI score0.00392EPSS

CVE•added 2018/07/09 8:29 p.m.•80 views

CVE-2018-6967

8.1CVSS7.4AI score0.00392EPSS

CVE•added 2018/05/22 1:29 p.m.•65 views

CVE-2018-6963

VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine...

5.5CVSS5.7AI score0.00064EPSS

CVE•added 2018/01/11 2:29 p.m.•62 views

CVE-2017-4950

VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues. Note: IPv6 mode for VMNAT is not enabled by defau...

7CVSS6.2AI score0.00047EPSS

CVE•added 2018/01/11 2:29 p.m.•61 views

CVE-2017-4949

VMware Workstation and Fusion contain a use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may allow a guest to execute code on the host. Note: IPv6 mode for VMNAT is not enabled by default.

7CVSS6.1AI score0.00071EPSS

CVE•added 2018/01/05 2:29 p.m.•60 views

CVE-2017-4948

VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll. On Workstation, this issue in conjunction with other bugs may allow a guest to leak information from host or may allow for a Denial of Service on th...

7.1CVSS6.9AI score0.0004EPSS

CVE•added 2018/04/13 1:29 p.m.•54 views

CVE-2018-5511

On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced.

7.2CVSS7AI score0.0604EPSS

CVE•added 2018/11/27 5:29 p.m.•47 views

CVE-2018-6983

VMware Workstation (15.x before 15.0.2 and 14.x before 14.1.5) and Fusion (11.x before 11.0.2 and 10.x before 10.1.5) contain an integer overflow vulnerability in the virtual network devices. This issue may allow a guest to execute code on the host.

8.8CVSS8.8AI score0.00058EPSS