CVSS: 8.8EPSS: 0%CPEs: 14EXPL: 0CVE-2017-4902 – VMware Workstation SVGA Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2017-4902
30 Mar 2017 — VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host. Wmware ESXi sin el parche ESXi650-201703410-SG y 5.5 sin el parche ESXi550-201703401-SG; Workstation Pro / Player 12.x anterior a 12.5.5 y Fusion Pro /Fusion 8.x anterior a la 8.5.6 tiene un buffer overflow basado en el heap --heap-... • http://www.securityfocus.com/bid/97163 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 8.8EPSS: 0%CPEs: 27EXPL: 0CVE-2016-7461 – VMware Security Advisory 2016-0019
https://notcve.org/view.php?id=CVE-2016-7461
14 Nov 2016 — The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors. La función de arrastrar y soltar (también conocida como DnD) en VMware Workstation Pro 12.x en versiones anteriores a 12.5.2 y VMware Workstation Player 12.x en versione... • http://www.securityfocus.com/bid/94280 • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •