CVSS: 9.0EPSS: 1%CPEs: 28EXPL: 0CVE-2012-2450
https://notcve.org/view.php?id=CVE-2012-2450
04 May 2012 — VMware Workstation 8.x before 8.0.3, VMware Player 4.x before 4.0.3, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 do not properly register SCSI devices, which allows guest OS users to cause a denial of service (invalid write operation and VMX process crash) or possibly execute arbitrary code on the host OS by leveraging administrative privileges on the guest OS. VMware Workstation v8.x antes de v8.0.3, VMware Player v4.x antes de v4.0.3 VMware Fusion v4.x, ante... • http://osvdb.org/81695 •
CVSS: 8.8EPSS: 0%CPEs: 27EXPL: 0CVE-2012-1518
https://notcve.org/view.php?id=CVE-2012-1518
17 Apr 2012 — VMware Workstation 8.x before 8.0.2, VMware Player 4.x before 4.0.2, VMware Fusion 4.x before 4.1.2, VMware ESXi 3.5 through 5.0, and VMware ESX 3.5 through 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain guest OS privileges via unspecified vectors. VMware Workstation versiones 8.x anteriores a 8.0.2, VMware Player versiones 4.x anteriores a 4.0.2, VMware Fusion versiones 4.x anteriores a 4.1.2, VMware ESXi versiones 3.5 hasta 5.0, y VMware ESX versiones 3.5 hasta 4... • http://osvdb.org/81163 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-1787
https://notcve.org/view.php?id=CVE-2011-1787
06 Jun 2011 — Race condition in mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to gain privileges on the guest OS by mounting a filesystem on top of an arbitrary directory. Una Condición de carrera en mount.vmhgfs en VMware Host Guest File System (HGFS) en VMware Workstation versiones 7.1.x anteriores a 7.1.4, VMware Pla... • http://secunia.com/advisories/44840 • CWE-362: Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition') •
CVSS: 6.5EPSS: 0%CPEs: 19EXPL: 0CVE-2011-2145
https://notcve.org/view.php?id=CVE-2011-2145
06 Jun 2011 — mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1, when a Solaris or FreeBSD guest OS is used, allows guest OS users to modify arbitrary guest OS files via unspecified vectors, related to a "procedural error." mount.vmhgfs en el Host Guest File System (HGFS) de VMware en VMware Workstation versiones 7.1.x anteriores a 7.1.4, VMware... • http://secunia.com/advisories/44840 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 3.8EPSS: 0%CPEs: 17EXPL: 0CVE-2011-2146
https://notcve.org/view.php?id=CVE-2011-2146
06 Jun 2011 — mount.vmhgfs in the VMware Host Guest File System (HGFS) in VMware Workstation 7.1.x before 7.1.4, VMware Player 3.1.x before 3.1.4, VMware Fusion 3.1.x before 3.1.3, VMware ESXi 3.5 through 4.1, and VMware ESX 3.0.3 through 4.1 allows guest OS users to determine the existence of host OS files and directories via unspecified vectors. mount.vmhgfs en Host Guest File System (HGFS) de VMware en VMware Workstation versiones 7.1.x anteriores a 7.1.4, VMware Player versiones 3.1.x anteriores a 3.1.4, VMware Fusio... • http://secunia.com/advisories/44840 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVSS: 8.8EPSS: 1%CPEs: 38EXPL: 1CVE-2010-4297 – VMware Tools - Update OS Command Injection
https://notcve.org/view.php?id=CVE-2010-4297
06 Dec 2010 — The VMware Tools update functionality in VMware Workstation 6.5.x before 6.5.5 build 328052 and 7.x before 7.1.2 build 301548; VMware Player 2.5.x before 2.5.5 build 328052 and 3.1.x before 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x before 2.0.8 build 328035 and 3.1.x before 3.1.2 build 332101; VMware ESXi 3.5, 4.0, and 4.1; and VMware ESX 3.0.3, 3.5, 4.0, and 4.1 allows host OS users to gain privileges on the guest OS via unspecified vectors, related to a "command injection" issue. La funci... • https://www.exploit-db.com/exploits/15717 • CWE-20: Improper Input Validation •