CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2018-6966
https://notcve.org/view.php?id=CVE-2018-6966
VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6965 and CVE-2018-6967. VMware ESXi (versiones 6.7, anteriores a ESXi670-201806401-BG), Workstation (versiones 14.x, anteriores a la 14.1.2) y Fusion (versiones 10.x, anteriores a la 10.1.2) contienen una vulnerabilidad de lectura fuera de límites en el traductor del shader. Si este error se explota de manera exitosa, podría dar lugar a una divulgación de información o podría permitir que atacantes con privilegios de usuario normal provoquen el cierre inesperado de sus máquinas virtuales. Esta vulnerabilidad es diferente de CVE-2018-6965 y CVE-2018-6967. • http://www.securityfocus.com/bid/104709 http://www.securitytracker.com/id/1041208 https://www.vmware.com/security/advisories/VMSA-2018-0016.html • CWE-125: Out-of-bounds Read •
CVSS: 5.5EPSS: 0%CPEs: 2EXPL: 0CVE-2018-6963 – VMware Workstation ghi update Null Pointer Dereference Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-6963
VMware Workstation (14.x before 14.1.2) and Fusion (10.x before 10.1.2) contain multiple denial-of-service vulnerabilities that occur due to NULL pointer dereference issues in the RPC handler. Successful exploitation of these issues may allow an attacker with limited privileges on the guest machine trigger a denial-of-Service of their guest machine. VMware Fusion (versiones 10.x anteriores a la 10.1.2) contiene una vulnerabilidad de omisión de firmas que podría conducir a un escalado de privilegios local. This vulnerability allows local attackers to deny service on vulnerable installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on a guest OS in order to exploit this vulnerability. The specific flaw exists within the ghi.guest.trayIcon.update RPC function. • http://www.securityfocus.com/bid/104237 http://www.securitytracker.com/id/1040957 https://www.vmware.com/security/advisories/VMSA-2018-0013.html • CWE-476: NULL Pointer Dereference •
CVSS: 7.2EPSS: 3%CPEs: 30EXPL: 1CVE-2018-5511 – VMware Workstation 14.1.5 / VMware Player 15.0.2 - Host VMX Process Impersonation Hijack Privilege Escalation
https://notcve.org/view.php?id=CVE-2018-5511
On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface (TMUI), also referred to as the BIG-IP Configuration utility, restrictions on allowed commands may not be enforced. En F5 BIG-IP, de la versión 13.1.0 a la 13.1.0.3 o en la versión 13.0.0, cuando los usuarios administrativos autenticados ejecutan comandos en el TMUI (Traffic Management User Interface), también llamado utilidad BIG-IP Configuration, podrían no aplicarse las restricciones sobre los comandos permitidos. The VMX process (vmware-vmx.exe) process configures and hosts an instance of VM. As is common with desktop virtualization platforms the VM host usually has privileged access into the OS such as mapping physical memory which represents a security risk. To mitigate this the VMX process is created with an elevated integrity level by the authentication daemon (vmware-authd.exe) which runs at SYSTEM. • https://www.exploit-db.com/exploits/46600 http://packetstormsecurity.com/files/152213/VMware-Host-VMX-Process-Impersonation-Hijack-Privilege-Escalation.html https://support.f5.com/csp/article/K30500703 • CWE-470: Use of Externally-Controlled Input to Select Classes or Code ('Unsafe Reflection') •
CVSS: 5.3EPSS: 0%CPEs: 41EXPL: 0CVE-2018-6957
https://notcve.org/view.php?id=CVE-2018-6957
VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. Note: In order for exploitation to be possible on Workstation and Fusion, VNC must be manually enabled. VMware Workstation (versiones 14.x anteriores a la 14.1.1 y 12.x) y Fusion (10.x anteriores a la 10.1.1 y 8.x) contiene una vulnerabilidad de denegación de servicio (DoS) que se puede desencadenar al abrir un número excesivo de sesiones VNC. Nota: Para que su explotación sea posible en Workstation y Fusion, se debe habilitar VNC manualmente. • http://www.securityfocus.com/bid/103431 http://www.securitytracker.com/id/1040539 https://www.vmware.com/security/advisories/VMSA-2018-0008.html • CWE-772: Missing Release of Resource after Effective Lifetime •
CVSS: 7.0EPSS: 0%CPEs: 5EXPL: 0CVE-2017-4949
https://notcve.org/view.php?id=CVE-2017-4949
VMware Workstation and Fusion contain a use-after-free vulnerability in VMware NAT service when IPv6 mode is enabled. This issue may allow a guest to execute code on the host. Note: IPv6 mode for VMNAT is not enabled by default. VMware Workstation y Fusion contienen una vulnerabilidad de uso de memoria previamente liberada en el servicio VMware NAT cuando el modo IPv6 está habilitado. Este problema puede permitir que un invitado ejecute código en el host. • http://www.securityfocus.com/bid/102489 http://www.securitytracker.com/id/1040161 https://www.vmware.com/security/advisories/VMSA-2018-0005.html • CWE-416: Use After Free •