CVSS: 8.8EPSS: 5%CPEs: 89EXPL: 0CVE-2017-4941
https://notcve.org/view.php?id=CVE-2017-4941
20 Dec 2017 — VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a stack overflow via a specific set of VNC packets. Successful exploitation of this issue could result in remote code execution in a virtual machine via the authenticated VNC session. Note: In order for exploitation to be possible in ESXi, VNC must be manually enabled in a virtual machine's .vmx... • http://www.securitytracker.com/id/1040024 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 0%CPEs: 91EXPL: 0CVE-2017-4925
https://notcve.org/view.php?id=CVE-2017-4925
15 Sep 2017 — VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. This issue occurs when handling guest RPC requests. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs. VMware ESXi 6.5 sin el parche ESXi650-201707101-SG, ESXi 6.0 sin el parche ESXi600-201706101-SG, ESXi ... • http://www.securityfocus.com/bid/100842 • CWE-476: NULL Pointer Dereference •
CVSS: 8.8EPSS: 0%CPEs: 89EXPL: 0CVE-2017-4903 – VMware Workstation SVGA Uninitialized Memory Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-4903
30 Mar 2017 — VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. This issue may allow a guest to execute code on the host. ESXi versiones 6.5 sin el parche ESXi650-201703410-SG, 6.0 U3 sin el parche ESXi600-20170... • http://www.securityfocus.com/bid/97160 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 18EXPL: 0CVE-2017-4904 – VMware Workstation Uninitialized Memory Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-4904
30 Mar 2017 — The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. This issue may allow a guest to execute code on the host. The issue is reduced to a Denial of Service of the guest on ESXi 5.5. El controlador... • http://www.securityfocus.com/bid/97165 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 5.5EPSS: 2%CPEs: 18EXPL: 1CVE-2017-4905 – VMware Workstation Uninitialized Memory Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2017-4905
30 Mar 2017 — VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. This issue may lead to an information leak. ESXi versiones 6.5 sin parche ESXi650-201703410-SG, 6.0 U3 sin parche ESXi600-201703401-SG, 6.0 U2 sin parche ESXi600-201703... • https://www.exploit-db.com/exploits/47715 • CWE-908: Use of Uninitialized Resource •
CVSS: 6.5EPSS: 1%CPEs: 16EXPL: 0CVE-2015-6933
https://notcve.org/view.php?id=CVE-2015-6933
09 Jan 2016 — The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors. La implementación VMware Tools HGFS (también conocida como Shared Folders) en VMware Workstation 11.x en versiones anteriores a 11.1.2, VMware Player 7.x en versiones a... • http://www.securitytracker.com/id/1034603 • CWE-284: Improper Access Control •
CVSS: 7.8EPSS: 0%CPEs: 29EXPL: 0CVE-2015-2336 – VMware Security Advisory 2015-0004
https://notcve.org/view.php?id=CVE-2015-2336
09 Jun 2015 — TPView.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors, a different vulnerability than CVE-2012-0897. TPView.dll en VMware Workstation 10.x anterior a 10.0.6 y 11.x anterior a 11.1.1, VMware Player 6.x anterior a 6... • http://www.securityfocus.com/bid/75095 • CWE-399: Resource Management Errors •
CVSS: 8.8EPSS: 0%CPEs: 29EXPL: 0CVE-2015-2337 – VMware Security Advisory 2015-0004
https://notcve.org/view.php?id=CVE-2015-2337
09 Jun 2015 — TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to execute arbitrary code on the host OS via unspecified vectors. TPInt.dll en VMware Workstation 10.x anterior a 10.0.6 y 11.x anterior a 11.1.1, VMware Player 6.x anterior a 6.0.6 y 7.x anterior a 7.1.1, y VMware Horizon Cl... • http://www.securityfocus.com/bid/75095 • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 29EXPL: 0CVE-2015-2338 – VMware Security Advisory 2015-0004
https://notcve.org/view.php?id=CVE-2015-2338
09 Jun 2015 — TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339. TPview.dll en VMware Workstation 10.x anterior a 10.0.6 y 11.x anterior a 11.1.1, VMware Player 6.x anterior a 6.0.6... • http://www.securityfocus.com/bid/75092 • CWE-399: Resource Management Errors •
CVSS: 6.1EPSS: 0%CPEs: 29EXPL: 0CVE-2015-2339 – VMware Security Advisory 2015-0004
https://notcve.org/view.php?id=CVE-2015-2339
09 Jun 2015 — TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2338. TPview.dll en VMware Workstation 10.x anterior a 10.0.6 y 11.x anterior a 11.1.1, VMware Player 6.x anterior a 6.0.6... • http://www.securityfocus.com/bid/75092 • CWE-399: Resource Management Errors •