CVSS: 8.8EPSS: 0%CPEs: 170EXPL: 1CVE-2018-6981 – VMware Security Advisory 2018-0027
https://notcve.org/view.php?id=CVE-2018-6981
09 Nov 2018 — VMware ESXi 6.7 without ESXi670-201811401-BG and VMware ESXi 6.5 without ESXi650-201811301-BG, VMware ESXi 6.0 without ESXi600-201811401-BG, VMware Workstation 15, VMware Workstation 14.1.3 or below, VMware Fusion 11, VMware Fusion 10.1.3 or below contain uninitialized stack memory usage in the vmxnet3 virtual network adapter which may allow a guest to execute code on the host. VMware ESXi 6.7 sin ESXi670-201811401-BG y VMware ESXi 6.5 sin ESXi650-201811301-BG, VMware ESXi 6.0 sin ESXi600-201811401-BG, VMwa... • https://github.com/LxKxC/vmxnet3Hunter • CWE-908: Use of Uninitialized Resource •
CVSS: 7.5EPSS: 0%CPEs: 114EXPL: 0CVE-2018-15756 – DoS Attack via Range Requests
https://notcve.org/view.php?id=CVE-2018-15756
18 Oct 2018 — Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource. A malicious user (or attacker) can add a range header with a high number of ranges, or with wide ranges that overlap, or both, for a denial of service attack. This ... • http://www.securityfocus.com/bid/105703 • CWE-20: Improper Input Validation •
CVSS: 8.8EPSS: 0%CPEs: 126EXPL: 0CVE-2018-6974 – VMware Workstation SVGA Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-6974
16 Oct 2018 — VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host. VMware ESXi (versiones 6.7 anteriores a ESXi670-201810101-SG, versiones 6.5 anteriores a ESXi650-201808401-BG, y versiones 6.0 anteriores a ESXi600-201808401-BG), Workstation (versiones 14.x anteriores a la 14.1.... • http://www.securityfocus.com/bid/105660 • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 7EXPL: 0CVE-2018-6977 – VMware Security Advisory 2018-0025
https://notcve.org/view.php?id=CVE-2018-6977
09 Oct 2018 — VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. Successfully exploiting this issue may allow an attacker with normal user privileges in the guest to make the VM unresponsive, and in some cases, possibly result other VMs on the host or the host itself becoming unresponsive. VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x y 14.x) y Fusion (11.x y 10.x) contienen una vulnerabilidad de ... • http://www.securityfocus.com/bid/105549 • CWE-835: Loop with Unreachable Exit Condition ('Infinite Loop') •
CVSS: 8.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-6973 – VMware Workstation e1000 Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2018-6973
15 Aug 2018 — VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. This issue may allow a guest to execute code on the host. VMware Workstation (en versiones 14.x anteriores a la 14.1.3) y Fusion (en versiones 10.x anteriores a la 10.1.3) contienen una vulnerabilidad de escritura fuera de límites en el dispositivo e1000. Este problema puede permitir que un invitado ejecute código en el host. This vulnerability allows local attackers to e... • http://www.securityfocus.com/bid/105094 • CWE-787: Out-of-bounds Write •
CVSS: 6.5EPSS: 3%CPEs: 125EXPL: 0CVE-2018-6972 – VMware Workstation SetGuestInfo Null Pointer Dereference Denial of Service Vulnerability
https://notcve.org/view.php?id=CVE-2018-6972
20 Jul 2018 — VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. VMware ESXi (versiones 6.7 anteriores a ESXi670-201806401-BG, versiones 6.5 anteriores a ESXi65... • http://www.securityfocus.com/bid/104884 • CWE-476: NULL Pointer Dereference •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2018-6967 – VMware Security Advisory 2018-0016
https://notcve.org/view.php?id=CVE-2018-6967
29 Jun 2018 — VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6965 and CVE-2018-6966. VMware ESXi (versiones 6.7 anteriores a ESXi670-201806401-BG), Workstation (versiones 14.x anteriores a la 14.1.2) y Fusi... • http://www.securityfocus.com/bid/104709 • CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2018-6965 – VMware Security Advisory 2018-0016
https://notcve.org/view.php?id=CVE-2018-6965
29 Jun 2018 — VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6966 and CVE-2018-6967. VMware ESXi (versiones 6.7 anteriores a ESXi670-201806401-BG), Workstation (versiones 14.x anteriores a la 14.1.2) y Fusi... • http://www.securityfocus.com/bid/104709 • CWE-125: Out-of-bounds Read •
CVSS: 8.1EPSS: 0%CPEs: 5EXPL: 0CVE-2018-6966 – VMware Security Advisory 2018-0016
https://notcve.org/view.php?id=CVE-2018-6966
29 Jun 2018 — VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. Successful exploitation of this issue may lead to information disclosure or may allow attackers with normal user privileges to crash their VMs, a different vulnerability than CVE-2018-6965 and CVE-2018-6967. VMware ESXi (versiones 6.7, anteriores a ESXi670-201806401-BG), Workstation (versiones 14.x, anteriores a la 14.1.2) y Fu... • http://www.securityfocus.com/bid/104709 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6962 – VMware Security Advisory 2018-0013
https://notcve.org/view.php?id=CVE-2018-6962
21 May 2018 — VMware Fusion (10.x before 10.1.2) contains a signature bypass vulnerability which may lead to a local privilege escalation. VMware Workstation (versiones 14.x anteriores a la 14.1.2) y Fusion (versiones 10.x anteriores a la 10.1.2) contienen múltiples vulnerabilidades de denegación de servicio (DoS) que ocurren debido a problemas de desreferencia de puntero NULL en el manipulador RPC. La explotación exitosa de estos problemas podría permitir que un atacante con privilegios limitados en la máquina invitada ... • http://www.securityfocus.com/bid/104235 •