Fusion - Vulncode-DB

Note:

This project will be discontinued after December 13, 2021. [more]

Product:
Fusion
(Vmware)

Repositories	Unknown: This might be proprietary software.
#Vulnerabilities	120

Date	Id	Summary	Products	Score	Patch	Annotated
2018-12-04	CVE-2018-6981	VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may allow a guest to execute code on the host.	Esxi, Fusion, Workstation	8.8
2018-12-04	CVE-2018-6982	VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may lead to an information leak from host to guest.	Esxi, Fusion, Workstation	6.5
2018-07-09	CVE-2018-6965	VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6966 and CVE-2018-6967.	Esxi, Fusion, Workstation	8.1
2018-07-09	CVE-2018-6966	VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6965 and CVE-2018-6967.	Esxi, Fusion, Workstation	8.1
2018-07-09	CVE-2018-6967	VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6965 and CVE-2018-6966.	Esxi, Fusion, Workstation	8.1
2018-01-04	CVE-2017-5753	Systems with microprocessors utilizing speculative execution and branch prediction may allow unauthorized disclosure of information to an attacker with local user access via a side-channel analysis.	Cortex\-A12_firmware, Cortex\-A15_firmware, Cortex\-A17_firmware, Cortex\-A57_firmware, Cortex\-A72_firmware, Cortex\-A73_firmware, Cortex\-A75_firmware, Cortex\-A76_firmware, Cortex\-A77_firmware, Cortex\-A78_firmware, Cortex\-A78ae_firmware, Cortex\-A8_firmware, Cortex\-A9_firmware, Cortex\-R7_firmware, Cortex\-R8_firmware, Cortex\-X1_firmware, Neoverse_n1_firmware, Neoverse_n2_firmware, Ubuntu_linux, Debian_linux, Atom_c, Atom_e, Atom_x3, Atom_x5\-E3930, Atom_x5\-E3940, Atom_x7\-E3950, Atom_z, Celeron_j, Celeron_n, Core_i3, Core_i5, Core_i7, Core_m, Core_m3, Core_m5, Core_m7, Pentium_j, Pentium_n, Xeon, Xeon_bronze_3104, Xeon_bronze_3106, Xeon_e3, Xeon_e3_1105c_v2, Xeon_e3_1125c, Xeon_e3_1125c_v2, Xeon_e3_1220, Xeon_e3_12201, Xeon_e3_12201_v2, Xeon_e3_1220_v2, Xeon_e3_1220_v3, Xeon_e3_1220_v5, Xeon_e3_1220_v6, Xeon_e3_1220l_v3, Xeon_e3_1225, Xeon_e3_1225_v2, Xeon_e3_1225_v3, Xeon_e3_1225_v5, Xeon_e3_1225_v6, Xeon_e3_1226_v3, Xeon_e3_1230, Xeon_e3_1230_v2, Xeon_e3_1230_v3, Xeon_e3_1230_v5, Xeon_e3_1230_v6, Xeon_e3_1230l_v3, Xeon_e3_1231_v3, Xeon_e3_1235, Xeon_e3_1235l_v5, Xeon_e3_1240, Xeon_e3_1240_v2, Xeon_e3_1240_v3, Xeon_e3_1240_v5, Xeon_e3_1240_v6, Xeon_e3_1240l_v3, Xeon_e3_1240l_v5, Xeon_e3_1241_v3, Xeon_e3_1245, Xeon_e3_1245_v2, Xeon_e3_1245_v3, Xeon_e3_1245_v5, Xeon_e3_1245_v6, Xeon_e3_1246_v3, Xeon_e3_1258l_v4, Xeon_e3_1260l, Xeon_e3_1260l_v5, Xeon_e3_1265l_v2, Xeon_e3_1265l_v3, Xeon_e3_1265l_v4, Xeon_e3_1268l_v3, Xeon_e3_1268l_v5, Xeon_e3_1270, Xeon_e3_1270_v2, Xeon_e3_1270_v3, Xeon_e3_1270_v5, Xeon_e3_1270_v6, Xeon_e3_1271_v3, Xeon_e3_1275, Xeon_e3_1275_v2, Xeon_e3_1275_v3, Xeon_e3_1275_v5, Xeon_e3_1275_v6, Xeon_e3_1275l_v3, Xeon_e3_1276_v3, Xeon_e3_1278l_v4, Xeon_e3_1280, Xeon_e3_1280_v2, Xeon_e3_1280_v3, Xeon_e3_1280_v5, Xeon_e3_1280_v6, Xeon_e3_1281_v3, Xeon_e3_1285_v3, Xeon_e3_1285_v4, Xeon_e3_1285_v6, Xeon_e3_1285l_v3, Xeon_e3_1285l_v4, Xeon_e3_1286_v3, Xeon_e3_1286l_v3, Xeon_e3_1290, Xeon_e3_1290_v2, Xeon_e3_1501l_v6, Xeon_e3_1501m_v6, Xeon_e3_1505l_v5, Xeon_e3_1505l_v6, Xeon_e3_1505m_v5, Xeon_e5, Xeon_e5_1428l, Xeon_e5_1428l_v2, Xeon_e5_1428l_v3, Xeon_e5_1620, Xeon_e5_1620_v2, Xeon_e5_1620_v3, Xeon_e5_1620_v4, Xeon_e5_1630_v3, Xeon_e5_1630_v4, Xeon_e5_1650, Xeon_e5_1650_v2, Xeon_e5_1650_v3, Xeon_e5_1650_v4, Xeon_e5_1660, Xeon_e5_1660_v2, Xeon_e5_1660_v3, Xeon_e5_1660_v4, Xeon_e5_1680_v3, Xeon_e5_1680_v4, Xeon_e5_2403, Xeon_e5_2403_v2, Xeon_e5_2407, Xeon_e5_2407_v2, Xeon_e5_2408l_v3, Xeon_e5_2418l, Xeon_e5_2418l_v2, Xeon_e5_2418l_v3, Xeon_e5_2420, Xeon_e5_2420_v2, Xeon_e5_2428l, Xeon_e5_2428l_v2, Xeon_e5_2428l_v3, Xeon_e5_2430, Xeon_e5_2430_v2, Xeon_e5_2430l, Xeon_e5_2430l_v2, Xeon_e5_2438l_v3, Xeon_e5_2440, Xeon_e5_2440_v2, Xeon_e5_2448l, Xeon_e5_2448l_v2, Xeon_e5_2450, Xeon_e5_2450_v2, Xeon_e5_2450l, Xeon_e5_2450l_v2, Xeon_e5_2470, Xeon_e5_2470_v2, Xeon_e5_2603, Xeon_e5_2603_v2, Xeon_e5_2603_v3, Xeon_e5_2603_v4, Xeon_e5_2608l_v3, Xeon_e5_2608l_v4, Xeon_e5_2609, Xeon_e5_2609_v2, Xeon_e5_2609_v3, Xeon_e5_2609_v4, Xeon_e5_2618l_v2, Xeon_e5_2618l_v3, Xeon_e5_2618l_v4, Xeon_e5_2620, Xeon_e5_2620_v2, Xeon_e5_2620_v3, Xeon_e5_2620_v4, Xeon_e5_2623_v3, Xeon_e5_2623_v4, Xeon_e5_2628l_v2, Xeon_e5_2628l_v3, Xeon_e5_2628l_v4, Xeon_e5_2630, Xeon_e5_2630_v2, Xeon_e5_2630_v3, Xeon_e5_2630_v4, Xeon_e5_2630l, Xeon_e5_2630l_v2, Xeon_e5_2630l_v3, Xeon_e5_2630l_v4, Xeon_e5_2637, Xeon_e5_2637_v2, Xeon_e5_2637_v3, Xeon_e5_2637_v4, Xeon_e5_2640, Xeon_e5_2640_v2, Xeon_e5_2640_v3, Xeon_e5_2640_v4, Xeon_e5_2643, Xeon_e5_2643_v2, Xeon_e5_2643_v3, Xeon_e5_2643_v4, Xeon_e5_2648l, Xeon_e5_2648l_v2, Xeon_e5_2648l_v3, Xeon_e5_2648l_v4, Xeon_e5_2650, Xeon_e5_2650_v2, Xeon_e5_2650_v3, Xeon_e5_2650_v4, Xeon_e5_2650l, Xeon_e5_2650l_v2, Xeon_e5_2650l_v3, Xeon_e7, Xeon_e\-1105c, Xeon_gold, Xeon_phi, Xeon_platinum, Xeon_silver, Hci, Solidfire, Leap, Local_service_management_system, Solaris, Btc12_firmware, Btc14_firmware, Visunet_rm_shell, Bl2_bpc_1000_firmware, Bl2_bpc_2000_firmware, Bl2_bpc_7000_firmware, Bl2_ppc_1000_firmware, Bl2_ppc_2000_firmware, Bl2_ppc_7000_firmware, Bl_bpc_2000_firmware, Bl_bpc_2001_firmware, Bl_bpc_3000_firmware, Bl_bpc_3001_firmware, Bl_bpc_7000_firmware, Bl_bpc_7001_firmware, Bl_ppc12_1000_firmware, Bl_ppc15_1000_firmware, Bl_ppc15_3000_firmware, Bl_ppc15_7000_firmware, Bl_ppc17_1000_firmware, Bl_ppc17_3000_firmware, Bl_ppc17_7000_firmware, Bl_ppc_1000_firmware, Bl_ppc_7000_firmware, Bl_rackmount_2u_firmware, Bl_rackmount_4u_firmware, Dl_ppc15_1000_firmware, Dl_ppc15m_7000_firmware, Dl_ppc18\.5m_7000_firmware, Dl_ppc21\.5m_7000_firmware, El_ppc_1000\/m_firmware, El_ppc_1000\/wt_firmware, El_ppc_1000_firmware, Valueline_ipc_firmware, Vl2_bpc_1000_firmware, Vl2_bpc_2000_firmware, Vl2_bpc_3000_firmware, Vl2_bpc_7000_firmware, Vl2_bpc_9000_firmware, Vl2_ppc12_1000_firmware, Vl2_ppc7_1000_firmware, Vl2_ppc9_1000_firmware, Vl2_ppc_1000_firmware, Vl2_ppc_2000_firmware, Vl2_ppc_3000_firmware, Vl2_ppc_7000_firmware, Vl2_ppc_9000_firmware, Vl_bpc_1000_firmware, Vl_bpc_2000_firmware, Vl_bpc_3000_firmware, Vl_ipc_p7000_firmware, Vl_ppc_2000_firmware, Vl_ppc_3000_firmware, Simatic_itc1500_firmware, Simatic_itc1500_pro_firmware, Simatic_itc1900_firmware, Simatic_itc1900_pro_firmware, Simatic_itc2200_firmware, Simatic_itc2200_pro_firmware, Simatic_winac_rtx_\(F\)_2010_firmware, Suse_linux_enterprise_desktop, Suse_linux_enterprise_server, Suse_linux_enterprise_software_development_kit, Diskstation_manager, Router_manager, Skynas, Virtual_machine_manager, Vs360hd_firmware, Vs960hd_firmware, Esxi, Fusion, Workstation	5.6
2016-08-08	CVE-2016-5330	Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1.x before 12.1.1, VMware Workstation Player 12.1.x before 12.1.1, and VMware Fusion 8.1.x before 8.1.1 allows local users to gain privileges via a Trojan horse DLL in the current working directory.	Esxi, Fusion, Tools, Workstation_player, Workstation_pro	7.8
2019-04-01	CVE-2019-5514	VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain unauthenticated APIs accessible through a web socket. An attacker may exploit this issue by tricking the host user to execute a JavaScript to perform unauthorized functions on the guest machine where VMware Tools is installed. This may further be exploited to execute commands on the guest machines.	Fusion	8.8
2019-10-10	CVE-2019-5535	VMware Workstation and Fusion contain a network denial-of-service vulnerability due to improper handling of certain IPv6 packets. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.7.	Fusion, Workstation	4.7
2019-10-28	CVE-2019-5536	VMware ESXi (6.7 before ESXi670-201908101-SG and 6.5 before ESXi650-201910401-SG), Workstation (15.x before 15.5.0) and Fusion (11.x before 11.5.0) contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with normal user privileges to create a denial-of-service condition on their own VM. Exploitation of this issue require an attacker to have access to a virtual machine with 3D graphics enabled. It is not enabled by...	Esxi, Fusion, Workstation	6.5