Search Results (Refine Search)
- Results Type: Overview
- Keyword (text search): cpe:2.3:a:vmware:workstation_player:12.1.1:*:*:*:*:*:*:*
- CPE Name Search: true
Vuln ID | Summary | CVSS Severity |
---|---|---|
CVE-2018-6957 |
VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled. Published: March 15, 2018; 3:29:01 PM -0400 |
V3.0: 5.3 MEDIUM V2.0: 3.5 LOW |
CVE-2017-4905 |
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak. Published: June 07, 2017; 2:29:00 PM -0400 |
V3.1: 5.5 MEDIUM V2.0: 2.1 LOW |
CVE-2017-4904 |
The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5. Published: June 07, 2017; 2:29:00 PM -0400 |
V3.1: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-4903 |
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host. Published: June 07, 2017; 2:29:00 PM -0400 |
V3.1: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2017-4902 |
VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host. Published: June 07, 2017; 2:29:00 PM -0400 |
V3.1: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-7461 |
The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors. Published: December 29, 2016; 4:59:00 AM -0500 |
V3.0: 8.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-7086 |
The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory. Published: December 29, 2016; 4:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-7085 |
Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. Published: December 29, 2016; 4:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 7.2 HIGH |
CVE-2016-7084 |
tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via a JPEG 2000 image. Published: December 29, 2016; 4:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 6.9 MEDIUM |
CVE-2016-7083 |
VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via TrueType fonts embedded in EMFSPOOL. Published: December 29, 2016; 4:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 5.9 MEDIUM |
CVE-2016-7082 |
VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via an EMF file. Published: December 29, 2016; 4:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 5.9 MEDIUM |
CVE-2016-7081 |
Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors. Published: December 29, 2016; 4:59:00 AM -0500 |
V3.0: 7.8 HIGH V2.0: 6.9 MEDIUM |