Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Workstation
(Vmware)Repositories |
Unknown: This might be proprietary software. |
#Vulnerabilities | 202 |
Date | Id | Summary | Products | Score | Patch | Annotated |
---|---|---|---|---|---|---|
2023-04-25 | CVE-2023-20872 | VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation. | Fusion, Workstation | 8.8 | ||
2023-04-25 | CVE-2023-20869 | VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. | Fusion, Workstation | 8.2 | ||
2023-04-25 | CVE-2023-20870 | VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. | Fusion, Workstation | 6.0 | ||
2023-10-20 | CVE-2023-34044 | VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. | Fusion, Workstation | 6.0 | ||
2009-10-16 | CVE-2009-3707 | VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \x25\xFF sequence in the USER and PASS commands, related to a... | Ace, Player, Server, Workstation | N/A | ||
2010-04-27 | CVE-2009-4811 | VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Server 2.x allows remote attackers to cause a denial of service (process crash) via a \x25\x90 sequence in the USER and PASS commands, a related... | Ace, Player, Server, Workstation | N/A | ||
2010-06-30 | CVE-2010-1205 | Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. | Iphone_os, Itunes, Mac_os_x, Mac_os_x_server, Safari, Ubuntu_linux, Debian_linux, Fedora, Chrome, Libpng, Firefox, Seamonkey, Thunderbird, Opensuse, Linux_enterprise_server, Player, Workstation | 9.8 | ||
2010-06-30 | CVE-2010-2249 | Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. | Iphone_os, Itunes, Safari, Tvos, Ubuntu_linux, Debian_linux, Fedora, Libpng, Opensuse, Linux_enterprise_server, Player, Workstation | 6.5 | ||
2010-04-12 | CVE-2009-3732 | Format string vulnerability in vmware-vmrc.exe build 158248 in VMware Remote Console (aka VMrc) allows remote attackers to execute arbitrary code via unspecified vectors. | Ace, Player, Server, Workstation | N/A | ||
2010-12-06 | CVE-2010-4296 | vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files. | Fusion, Player, Server, Workstation | N/A |