CVSS: 10.0EPSS: 63%CPEs: 20EXPL: 1CVE-2005-4459
https://notcve.org/view.php?id=CVE-2005-4459
21 Dec 2005 — Heap-based buffer overflow in the NAT networking components vmnat.exe and vmnet-natd in VMWare Workstation 5.5, GSX Server 3.2, ACE 1.0.1, and Player 1.0 allows remote authenticated attackers, including guests, to execute arbitrary code via crafted (1) EPRT and (2) PORT FTP commands. • http://lists.grok.org.uk/pipermail/full-disclosure/2005-December/040442.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-2939
https://notcve.org/view.php?id=CVE-2005-2939
18 Nov 2005 — Unquoted Windows search path vulnerability in VMWare Workstation 5.0.0 build-13124 might allow local users to gain privileges via a malicious "program.exe" file in the C: folder. • http://securitytracker.com/id?1015225 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2005-0444
https://notcve.org/view.php?id=CVE-2005-0444
14 Feb 2005 — VMware before 4.5.2.8848-r5 searches for gdk-pixbuf shared libraries using a path that includes the rrdharan world-writable temporary directory, which allows local users to execute arbitrary code. • http://security.gentoo.org/glsa/glsa-200502-18.xml •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 1CVE-2004-2515
https://notcve.org/view.php?id=CVE-2004-2515
31 Dec 2004 — Format string vulnerability in VMware Workstation 4.5.2 build-8848, if running with elevated privileges, might allow local users to execute arbitrary code via format string specifiers in command line arguments. NOTE: it is not clear if there are any default or typical circumstances under which VMware would be running with privileges beyond those already available to the attackers, so this might not be a vulnerability. • http://archives.neohapsis.com/archives/fulldisclosure/2004-11/1320.html •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0739
https://notcve.org/view.php?id=CVE-2003-0739
04 Sep 2003 — VMware Workstation 4.0.1 for Linux, build 5289 and earlier, allows local users to delete arbitrary files via a symlink attack. • http://marc.info/?l=bugtraq&m=106029217115023&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2003-0631
https://notcve.org/view.php?id=CVE-2003-0631
02 Aug 2003 — VMware GSX Server 2.5.1 build 4968 and earlier, and Workstation 4.0 and earlier, allows local users to gain root privileges via certain enivronment variables that are used when launching a virtual machine session. VMware GSX Server 2.5.1 compilación 4968 y anteriores, y Workstation 4.0 y anteriores, permite a usuarios locales ganar privilegios de root mediante ciertas variables de entorno que son usadas cuando se lanza una sesión de máquina virtual. • http://marc.info/?l=bugtraq&m=105899875225268&w=2 •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2003-0480
https://notcve.org/view.php?id=CVE-2003-0480
28 Jun 2003 — VMware Workstation 4.0 for Linux allows local users to overwrite arbitrary files and gain privileges via "symlink manipulation." VMware Workstation 4.0 para Linux permite a usuarios locales sobreescribir ficheros arbitrarios y ganar privilegios mediante una manipulación de enlaces simbólicos. • http://marc.info/?l=bugtraq&m=105673688529147&w=2 •
CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 0CVE-2001-1059
https://notcve.org/view.php?id=CVE-2001-1059
30 Jul 2001 — VMWare creates a temporary file vmware-log.USERNAME with insecure permissions, which allows local users to read or modify license information. • http://www.osvdb.org/5475 •
CVSS: 5.5EPSS: 0%CPEs: 5EXPL: 0CVE-2000-0090
https://notcve.org/view.php?id=CVE-2000-0090
17 Jan 2000 — VMWare 1.1.2 allows local users to cause a denial of service via a symlink attack. • http://www.osvdb.org/1205 •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 1CVE-1999-0733 – VMware 1.0.1 - Local Buffer Overflow
https://notcve.org/view.php?id=CVE-1999-0733
26 Jun 1999 — Buffer overflow in VMWare 1.0.1 for Linux via a long HOME environmental variable. • https://www.exploit-db.com/exploits/19371 •