) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.
Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:vmware:fusion:8.0:*:*:*:*:*:*:*
- CPE Name Search: true
| Vuln ID | Summary | CVSS Severity |
|---|---|---|
| CVE-2018-6957 |
VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled. Published: March 15, 2018; 3:29:01 PM -0400 |
V3.0: 5.3 MEDIUM V2.0: 3.5 LOW |
| CVE-2017-4950 |
VMware Workstation and Fusion contain an integer overflow vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may lead to an out-of-bound read which can then be used to execute code on the host in conjunction with other issues. Note: IPv6 mode for VMNAT is not enabled by default. Published: January 11, 2018; 9:29:00 AM -0500 |
V3.0: 7.0 HIGH V2.0: 6.9 MEDIUM |
| CVE-2017-4949 |
VMware Workstation and Fusion contain a use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may allow a guest to execute code on the host. Note: IPv6 mode for VMNAT is not enabled by default. Published: January 11, 2018; 9:29:00 AM -0500 |
V3.0: 7.0 HIGH V2.0: 6.9 MEDIUM |
| CVE-2017-4945 |
VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a guest access control vulnerability. This issue may allow program execution via Unity on locked Windows VMs. VMware Tools must be updated to 10.2.0 for each VM to resolve CVE-2017-4945. VMware Tools 10.2.0 is consumed by Workstation 14.1.0 and Fusion 10.1.0 by default. Published: January 05, 2018; 9:29:10 AM -0500 |
V3.0: 5.5 MEDIUM V2.0: 2.1 LOW |