Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Workstation_pro
(Vmware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 23 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2017-05-22 | CVE-2017-4915 | VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Successful exploitation of this issue may allow unprivileged host users to escalate their privileges to root in a Linux host machine. | Workstation_player, Workstation_pro | 7.8 | ||
| 2017-06-07 | CVE-2017-4898 | VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed. | Workstation_player, Workstation_pro | 8.8 | ||
| 2018-03-15 | CVE-2018-6957 | VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled. | Fusion, Workstation_player, Workstation_pro | 5.3 | ||
| 2017-05-22 | CVE-2017-4916 | VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation of this issue may allow host users with normal user privileges to trigger a denial-of-service in a Windows host machine. | Workstation_player, Workstation_pro | 6.5 | ||
| 2017-06-07 | CVE-2017-4900 | VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. | Workstation_player, Workstation_pro | 5.5 | ||
| 2017-06-07 | CVE-2017-4899 | VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. Note: This issue can be triggered only when the host has no graphics card or no graphics drivers are installed. | Workstation_player, Workstation_pro | 4.7 | ||
| 2016-12-29 | CVE-2016-7461 | The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors. | Fusion, Fusion_pro, Workstation_player, Workstation_pro | 8.8 | ||
| 2016-12-29 | CVE-2016-7086 | The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory. | Workstation_player, Workstation_pro | 7.8 | ||
| 2016-12-29 | CVE-2016-7085 | Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | Workstation_player, Workstation_pro | 7.8 | ||
| 2016-12-29 | CVE-2016-7084 | tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via a JPEG 2000 image. | Workstation_player, Workstation_pro | 7.8 |