CVSS: 9.3EPSS: 19%CPEs: 18EXPL: 0CVE-2011-3868 – Gentoo Linux Security Advisory 201209-25
https://notcve.org/view.php?id=CVE-2011-3868
05 Oct 2011 — Buffer overflow in VMware Workstation 7.x before 7.1.5, VMware Player 3.x before 3.1.5, VMware Fusion 3.1.x before 3.1.3, and VMware AMS allows remote attackers to execute arbitrary code via a crafted UDF filesystem in an ISO image. Desbordamiento de bufer en VMware Workstation 7.x anterior a v7.1.5, VMware Player v3.x anterior a v3.1.5, VMware Fusion v3.1.x anterior v3.1.3, y VMware AMS permite a atacantes remotos ejecutar código arbitrario mediante un systema de ficheros manipulado UDF en una imagen ISO M... • http://osvdb.org/76060 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1787 – VMware Security Advisory 2011-0009
https://notcve.org/view.php?id=CVE-2011-1787
03 Jun 2011 — Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory. Una Condición de carrera en mount.vmhgfs en VMware Host Guest File System (HGFS) en VMware Workstation versiones 7.1.x anteriores a 7.1.4, VMware Pla... • http://secunia.com/advisories/44840 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2011-2145 – VMware Security Advisory 2011-0009
https://notcve.org/view.php?id=CVE-2011-2145
03 Jun 2011 — mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a "procedural error." mount.vmhgfs en el Host Guest File System (HGFS) de VMware en VMware Workstation versiones 7.1.x anteriores a 7.1.4, VMware... • http://secunia.com/advisories/44840 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-2146 – VMware Security Advisory 2011-0009
https://notcve.org/view.php?id=CVE-2011-2146
03 Jun 2011 — mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors. mount.vmhgfs en Host Guest File System (HGFS) de VMware en VMware Workstation versiones 7.1.x anteriores a 7.1.4, VMware Player versiones 3.1.x anteriores a 3.1.4, VMware Fusio... • http://secunia.com/advisories/44840 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 7.8EPSS: 0%CPEs: 27EXPL: 0CVE-2011-1126 – VMware Security Advisory 2011-0006
https://notcve.org/view.php?id=CVE-2011-1126
30 Mar 2011 — VMware vmrun, as used in VIX API 1.x before 1.10.3 and VMware Workstation 6.5.x and 7.x before 7.1.4 build 385536 on Linux, might allow local users to gain privileges via a Trojan horse shared library in an unspecified directory. VMware vmrun,como se utiliza en VIX API v1.x antes de v1.10.3 y VMware Workstation v6.5.x antes de v7.1.4 y v7.x compilación 385536 en Linux podría permitir a usuarios locales conseguir privilegios a través de un caballo de Troya en una librería compartida en un directorio especifi... • http://lists.vmware.com/pipermail/security-announce/2011/000131.html • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 9.3EPSS: 6%CPEs: 34EXPL: 0CVE-2010-4294 – VMWare VMnc Codec Frame Decompression Remote Code Execution
https://notcve.org/view.php?id=CVE-2010-4294
03 Dec 2010 — The frame decompression functionality in the VMnc media codec in VMware Movie Decoder before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548, VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548 on Windows, VMware Player 2.5.x before 2.5.5 build 246459 and 3.x before 3.1.2 build 301548 on Windows, and VMware Server 2.x on Windows does not properly validate an unspecified size field, which allows remote attackers to execute arbitrary code or cause a denial of service (hea... • http://lists.vmware.com/pipermail/security-announce/2010/000112.html • CWE-94: Improper Control of Generation of Code ('Code Injection') •
CVSS: 7.8EPSS: 0%CPEs: 16EXPL: 0CVE-2010-4295 – VMware Security Advisory 2010-0018
https://notcve.org/view.php?id=CVE-2010-4295
03 Dec 2010 — Race condition in the mounting process in vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 allows host OS users to gain privileges via vectors involving temporary files. Condición de carrera en el proceso de montaje de vmware-mount en VMware Workstation 7.x anteriores a la 7.1.2 build 301548 en Linux, VMware Player 3.1.x anteriores a la 3.1.2 build... • http://lists.vmware.com/pipermail/security-announce/2010/000112.html • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 8.8EPSS: 0%CPEs: 16EXPL: 0CVE-2010-4296 – VMware Security Advisory 2010-0018
https://notcve.org/view.php?id=CVE-2010-4296
03 Dec 2010 — vmware-mount in VMware Workstation 7.x before 7.1.2 build 301548 on Linux, VMware Player 3.1.x before 3.1.2 build 301548 on Linux, VMware Server 2.0.2 on Linux, and VMware Fusion 3.1.x before 3.1.2 build 332101 does not properly load libraries, which allows host OS users to gain privileges via vectors involving shared object files. vmware-mount en VMware Workstation 7.x anteriores a la 7.1.2 build 301548 en Linux, VMware Player 3.1.x anteriores a la 3.1.2 build 301548 en Linux, VMware Server 2.0.2 en Linux,... • http://lists.vmware.com/pipermail/security-announce/2010/000112.html • CWE-863: Incorrect Authorization •
CVSS: 8.8EPSS: 2%CPEs: 38EXPL: 2CVE-2010-4297 – VMware Tools - Update OS Command Injection
https://notcve.org/view.php?id=CVE-2010-4297
03 Dec 2010 — The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x before 2.0.8 build 328035 and 3.1.x before 3.1.2 build 332101; VMware ESXi 3.5, 4.0, and 4.1; and VMware ESX 3.0.3, 3.5, 4.0, and 4.1 allows host OS users to gain privileges on the guest OS via unspecified vectors, related to a "command injection" issue. La funci... • https://packetstorm.news/files/id/96508 • CWE-20: Improper Input Validation •
CVSS: 7.1EPSS: 0%CPEs: 8EXPL: 0CVE-2010-3277 – VMware Security Advisory 2010-0014
https://notcve.org/view.php?id=CVE-2010-3277
25 Sep 2010 — The installer in VMware Workstation 7.x before 7.1.2 build 301548 and VMware Player 3.x before 3.1.2 build 301548 renders an index.htm file if present in the installation directory, which might allow local users to trigger unintended interpretation of web script or HTML by creating this file. El instalador en VMware Workstation v7.x anterior v7.1.2 build 301548 y VMware Player v3.x anterior v3.1.2 build 301548 lanza un fichero index.htm si se presenta en el directorio de instalación, lo que puede permitir a... • http://lists.vmware.com/pipermail/security-announce/2010/000105.html • CWE-264: Permissions, Privileges, and Access Controls •