Latest vmware workstation Vulnerabilities

CVE-2023-34044
VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtua...
VMware Workstation>=17.0.0<17.5
VMware Fusion>=13.0.0<13.5
Apple Mac OS X
CVE-2023-20870
VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
VMware Fusion>=13.0.0<13.0.2
VMware Workstation>=17.0.0<17.0.2
CVE-2023-20869
VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
VMware Fusion>=13.0.0<13.0.2
VMware Workstation>=17.0.0<17.0.2
CVE-2023-20872
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.
VMware Fusion=13.0.0
Apple Mac OS X
VMware Workstation=17.0.0
CVE-2023-20854
VMware Workstation contains an arbitrary file deletion vulnerability. A malicious actor with local user privileges on the victim's machine may exploit this vulnerability to delete arbitrary files from...
VMware Workstation=17.0
Microsoft Windows
CVE-2022-31705
VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may ...
VMware Workstation>=16.0.0<16.2.5
VMware ESXi=7.0
VMware ESXi=7.0-beta
VMware ESXi=7.0-update_1
VMware ESXi=7.0-update_1a
VMware ESXi=7.0-update_1b
and 16 more
CVE-2022-22983
VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability. A malicious actor with local user privileges to the victim machine may exploit this vulnerabilit...
VMware Workstation>=16.0.0<16.2.4
CVE-2021-22041
VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue...
VMware Cloud Foundation>=3.0<3.11
VMware Cloud Foundation>=4.0<4.4
VMware Fusion>=12.0.0<12.2.1
VMware Fusion
VMware Workstation>=16.0.0<16.2.1
VMware ESXi=6.5-650-202202401
and 165 more
CVE-2022-22938
VMware Workstation (16.x prior to 16.2.2) and Horizon Client for Windows (5.x prior to 5.5.3) contains a denial-of-service vulnerability in the Cortado ThinPrint component. The issue exists in TrueTyp...
VMware Workstation>=16.0.0<16.2.2
Microsoft Windows
Vmware Horizon>=5.0.0<5.5.3
CVE-2021-22045
VMware Workstation SCSI Heap-based Buffer Overflow Privilege Escalation Vulnerability
VMware Workstation
VMware Cloud Foundation>=3.0<=3.10.2.2
VMware Cloud Foundation>=4.0<=4.3.1
VMware Workstation>=16.0.0<16.2.0
VMware Fusion>=12.0.0<12.2.0
Apple Mac OS X
and 213 more
CVE-2020-3960
VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe...
VMware Fusion>=11.0.0<11.5.5
VMware Workstation>=15.0.0<15.5.5
VMware vSphere ESXi=6.5
VMware vSphere ESXi=6.5-650-201701001
VMware vSphere ESXi=6.5-650-201703001
VMware vSphere ESXi=6.5-650-201703002
and 17 more
CVE-2021-21999
VMware Workstation Tools Uncontrolled Search Path Element Local Privilege Escalation Vulnerability
VMware Workstation
VMware App Volumes>=2.0<2.18.10
VMware App Volumes>=4<2103
Vmware Remote Console>=12.0.0<12.0.1
VMware Workstation>=11.0.0<11.2.6
CVE-2021-21988
VMware Workstation ThinPrint JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability
VMware Workstation
VMware Workstation>=16.0.0<16.1.2
Vmware Horizon Client>=5.0.0<5.5.2
Microsoft Windows
CVE-2021-21989
VMware Workstation ThinPrint TTCHeader Integer Overflow Information Disclosure Vulnerability
VMware Workstation
VMware Workstation>=16.0.0<16.1.2
Vmware Horizon Client>=5.0.0<5.5.2
Microsoft Windows
CVE-2021-21987
VMware Workstation ThinPrint TTCHeader Out-Of-Bounds Read Information Disclosure Vulnerability
VMware Workstation
VMware Workstation>=16.0.0<16.1.2
Vmware Horizon Client>=5.0.0<5.5.2
Microsoft Windows
CVE-2020-3999
VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation...
VMware Workstation>=15.0.0<15.5.7
VMware ESXi>=7.0.0<esxi70u1c-17325551
VMware Fusion>=11.5.0<11.5.7
Apple Mac OS X
CVE-2020-3995
In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors conta...
VMware ESXi=6.7
VMware ESXi=6.7-670-201806001
VMware ESXi=6.7-670-201807001
VMware ESXi=6.7-670-201808001
VMware ESXi=6.7-670-201810001
VMware ESXi=6.7-670-201810101
and 169 more
CVE-2020-3982
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vulne...
VMware ESXi=7.0.0
VMware ESXi=7.0.0-1.20.16321839
VMware ESXi=6.7
VMware ESXi=6.7-670-201806001
VMware ESXi=6.7-670-201807001
VMware ESXi=6.7-670-201808001
and 220 more
CVE-2020-3981
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulner...
VMware Cloud Foundation>=3.0<3.10.1
VMware Cloud Foundation>=4.0<4.1
VMware Workstation>=15.0.0<=15.5.6
VMware ESXi=7.0.0
VMware ESXi=7.0.0-1.20.16321839
VMware Fusion>=11.0<11.5.6
and 219 more
CVE-2020-3966
VMware Workstation EHCI Time-Of-Check Time-Of-Use Privilege Escalation Vulnerability
VMware Cloud Foundation>=3.0<3.10
VMware Cloud Foundation>=4.0.0<4.0.1
VMware Fusion>=11.0.0<11.5.2
VMware Workstation>=15.0.0<15.5.2
VMware ESXi=6.5
VMware ESXi=6.5-650-201701001
and 175 more
CVE-2020-3964
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an inf...
VMware Cloud Foundation>=3.0<3.10
VMware Cloud Foundation>=4.0.0<4.0.1
VMware Fusion>=11.0.0<11.5.2
VMware Workstation>=15.0.0<15.5.2
VMware ESXi=6.5
VMware ESXi=6.5-650-201701001
and 184 more
CVE-2020-3963
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-...
VMware Cloud Foundation>=3.0<3.10
VMware Cloud Foundation>=4.0.0<4.0.1
VMware Fusion>=11.0.0<11.5.2
VMware Workstation>=15.0.0<15.5.2
VMware ESXi=6.5
VMware ESXi=6.5-650-201701001
and 184 more
CVE-2020-3967
VMware Workstation EHCI Heap-based Buffer Overflow Privilege Escalation Vulnerability
VMware Cloud Foundation>=3.0<3.10
VMware Cloud Foundation>=4.0.0<4.0.1
VMware Fusion>=11.0.0<11.5.5
VMware Workstation>=15.0.0<15.5.5
VMware ESXi=6.5
VMware ESXi=6.5-650-201701001
and 175 more
CVE-2020-3968
VMware Workstation xHCI Isoch TD Out-Of-Bounds Write Privilege Escalation Vulnerability
VMware Cloud Foundation>=3.0<3.10
VMware Cloud Foundation>=4.0.0<4.0.1
VMware Fusion>=11.0.0<11.5.5
VMware Workstation>=15.0.0<15.5.5
VMware ESXi=6.5
VMware ESXi=6.5-650-201701001
and 175 more
CVE-2020-3970
VMware Workstation Shader Bytecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
VMware Workstation
VMware Cloud Foundation>=3.0<3.10
VMware Cloud Foundation>=4.0.0<4.0.1
VMware Fusion>=11.0.0<11.5.5
VMware Workstation>=15.0.0<15.5.5
VMware ESXi=6.5
and 175 more
CVE-2020-3971
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet...
VMware Cloud Foundation>=3.0<3.7.2
VMware Fusion>=11.0.0<11.0.2
VMware Workstation>=15.0.0<15.0.2
VMware ESXi=6.5
VMware ESXi=6.5-650-201701001
VMware ESXi=6.5-650-201703001
and 88 more
CVE-2020-3965
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an inf...
VMware Cloud Foundation>=3.0<3.10
VMware Cloud Foundation>=4.0.0<4.0.1
VMware Fusion>=11.0.0<11.5.2
VMware Workstation>=15.0.0<15.5.2
VMware ESXi=6.5
VMware ESXi=6.5-650-201701001
and 184 more
CVE-2020-3962
VMware Workstation SVGA DXInvalidateContext Use-After-Free Privilege Escalation Vulnerability
VMware Cloud Foundation>=3.0<3.10
VMware Cloud Foundation>=4.0.0<4.0.1
VMware Fusion>=11.0.0<11.5.5
VMware Workstation>=15.0.0<15.5.5
VMware ESXi=6.5
VMware ESXi=6.5-650-201701001
and 175 more
CVE-2020-3969
VMware Workstation SVGA3D Command Heap Overflow Privilege Escalation Vulnerability
VMware Workstation
VMware Cloud Foundation>=3.0<3.10
VMware Cloud Foundation>=4.0.0<4.0.1
VMware Fusion>=11.0.0<11.5.5
VMware Workstation>=15.0.0<15.5.5
VMware ESXi=6.5
and 175 more
CVE-2020-3959
VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.1.0) and VMware Fusion (11.x before 11.1.0) contain a memory leak vulnerability in...
VMware Fusion>=11.0.0<11.1.0
VMware Workstation>=15.0.0<15.1.0
VMware ESXi=6.5
VMware ESXi=6.5-650-201701001
VMware ESXi=6.5-650-201703001
VMware ESXi=6.5-650-201703002
and 180 more
CVE-2020-3958
VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2) contain a denial-of-service vulnerabil...
VMware Fusion>=11.0.0<11.5.2
VMware Workstation>=15.0.0<15.5.2
VMware ESXi=6.5
VMware ESXi=6.5-650-201701001
VMware ESXi=6.5-650-201703001
VMware ESXi=6.5-650-201703002
and 180 more
CVE-2020-3951
VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows (5.x and prior before 5.4.0) contain a denial-of-service vulnerability due to a heap-overflow issue in Cortado Thinprint. Attacke...
Vmware Horizon Client>=5.0.0<5.4.0
VMware Workstation>=15.0.0<15.5.2
Microsoft Windows
CVE-2020-3947
VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 11.5.2) contain a use-after vulnerability in vmnetdhcp. Successful exploitation of this issue may lead to code execution on the host fro...
VMware Fusion>11.0.0<11.5.2
VMware Workstation>=15.0.0<15.5.2
CVE-2020-3948
Linux Guest VMs running on VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 11.5.2) contain a local privilege escalation vulnerability due to improper file permissions in Cortado Thinpr...
VMware Fusion>=11.0.0<11.5.2
VMware Workstation>=15.0.0<15.5.2
CVE-2019-5543
For VMware Horizon Client for Windows (5.x and prior before 5.3.0), VMware Remote Console for Windows (10.x before 11.0.0), VMware Workstation for Windows (15.x before 15.5.2) the folder containing co...
Vmware Horizon Client>=5.0.0<5.3.0
VMware Remote Console>=10.0.0<11.0.0
VMware Workstation>=15.0.0<15.5.2
Microsoft Windows
CVE-2019-5183
An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. A specially crafted pixel shader can cause a type co...
AMD ATIDXX64=26.20.13031.10003
AMD ATIDXX64=26.20.13031.15006
AMD ATIDXX64=26.20.13031.18002
VMware Workstation=15.0
CVE-2019-5146
An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13025.10004. A specially crafted pixel shader can cause a denial of service. An attacker can provide a ...
AMD ATIDXX64=26.20.13025.10004
VMware Workstation=15.0
CVE-2019-5147
An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13003.1007. A specially crafted pixel shader can cause a denial of service. An attacker can provide a s...
AMD ATIDXX64=26.20.13003.1007
VMware Workstation=15.0
CVE-2019-5124
An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.50005. A specially crafted pixel shader can cause a denial of service. An attacker can provide a ...
AMD ATIDXX64=26.20.13001.50005
VMware Workstation=15.0
CVE-2019-5539
VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thi...
Vmware Horizon View Agent>=7.5.0<7.5.4
Vmware Horizon View Agent>=7.10.0<7.10.1
VMware Workstation>=15.0.0<15.5.1
Microsoft Windows
CVE-2019-5098
An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. A specially crafted pixel shader can cause out-of-bounds memory read. An attacker can prov...
VMware Workstation=15.0.0
Microsoft Windows 10
=26.20.13001.29010
=26.20.13001.29010
CVE-2019-5541
VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. Successful exploitation of this issue may le...
VMware Workstation>=15.0.0<15.5.1
VMware Fusion>=11.0.0<11.5.1
Apple Mac OS X
CVE-2019-5542
VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain a denial-of-service vulnerability in the RPC handler. Successful exploitation of this issue may allow attackers with nor...
VMware Fusion>=11.0.0<11.5.1
VMware Workstation>=15.0.0<15.5.1
CVE-2019-5540
VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an information disclosure vulnerability in vmnetdhcp. Successful exploitation of this issue may allow an attacker on a g...
VMware Workstation>=15.0.0<15.5.1
VMware Fusion>=11.0.0<11.5.1
Apple Mac OS X
CVE-2019-5536
VMware ESXi (6.7 before ESXi670-201908101-SG and 6.5 before ESXi650-201910401-SG), Workstation (15.x before 15.5.0) and Fusion (11.x before 11.5.0) contain a denial-of-service vulnerability in the sha...
VMware Fusion>=11.0.0<11.5.0
VMware Workstation>=15.0.0<15.5.0
VMware ESXi=6.5
VMware ESXi=6.5-650-201701001
VMware ESXi=6.5-650-201703001
VMware ESXi=6.5-650-201703002
and 121 more
CVE-2019-5535
VMware Workstation and Fusion contain a network denial-of-service vulnerability due to improper handling of certain IPv6 packets. VMware has evaluated the severity of this issue to be in the Moderate ...
VMware Fusion>=11.0.0<11.5.0
VMware Workstation>=15.0.0<15.5.0
CVE-2019-5527
ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity r...
Vmware Horizon<5.2.0
Vmware Horizon<5.2.0
Vmware Horizon<5.2.0
Vmware Remote Console>=10.0.0<10.0.5
VMware Workstation>=10.0.0<10.0.5
VMware Workstation>=15.0.0<15.5.0
and 181 more
CVE-2019-5521
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6) and Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain a...
VMware Fusion>=10.0.0<10.1.6
VMware Fusion>=11.0.0<11.0.3
VMware Workstation>=14.0.0<14.1.6
VMware Workstation>=15.0.0<15.0.3
VMware ESXi=6.5
VMware ESXi=6.5-650-201701001
and 114 more
CVE-2019-5525
VMware Workstation (15.x before 15.1.0) contains a use-after-free vulnerability in the Advanced Linux Sound Architecture (ALSA) backend. A malicious user with normal user privileges on the guest machi...
VMware Workstation>=15.0.0<15.1.0
Linux Linux kernel
CVE-2019-5526
VMware Workstation (15.x before 15.1.0) contains a DLL hijacking issue because some DLL files are improperly loaded by the application. Successful exploitation of this issue may allow attackers with n...
VMware Workstation>=15.0.0<15.1.0

Company

Resources

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203