CVSS: 6.3EPSS: 0%CPEs: 6EXPL: 2CVE-2014-4199 – vm-support 0.88 File Overwrite / Information Disclosure
https://notcve.org/view.php?id=CVE-2014-4199
26 Aug 2014 — vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to arbitrary files via a symlink attack on a file in /tmp. vm-support 0.88 en VMware Tools, distribuido con VMware Workstation hasta 10.0.3 y otros productos, permite a usuarios locales escribir a ficheros arbitrarios a través de un ataque de enlace simbólico sobre un fichero en /tmp. vm-support version 0.88 suffers from file overwrite and sensitive information disclosure vu... • https://packetstorm.news/files/id/128006 • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 5.5EPSS: 0%CPEs: 6EXPL: 2CVE-2014-4200 – vm-support 0.88 File Overwrite / Information Disclosure
https://notcve.org/view.php?id=CVE-2014-4200
26 Aug 2014 — vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, uses 0644 permissions for the vm-support archive, which allows local users to obtain sensitive information by extracting files from this archive. vm-support 0.88 en VMware Tools, distribuido con VMware Workstation hasta 10.0.3 y otros productos, utiliza los permisos 0644 para el archivo vm-support, lo que permite a usuarios locales obtener información sensible mediante la extracción de ficheros de este... • https://packetstorm.news/files/id/128006 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.8EPSS: 0%CPEs: 20EXPL: 1CVE-2012-1666 – ThinPrint - 'tpfc.dll' Insecure Library Loading Arbitrary Code Execution
https://notcve.org/view.php?id=CVE-2012-1666
08 Sep 2012 — Untrusted search path vulnerability in VMware Tools in VMware Workstation before 8.0.4, VMware Player before 4.0.4, VMware Fusion before 4.1.2, VMware View before 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse tpfc.dll file in the current working directory. Vulnerabilidad de path de búsqueda no confiable en VMware Tools en VMware Workstation anteriores a v8.0.4, VMware Player anteriores a v4.0.4, VMware Fusion anteriores a v4.1.2, VMware View an... • https://www.exploit-db.com/exploits/37780 •
CVSS: 8.8EPSS: 3%CPEs: 34EXPL: 2CVE-2009-2267 – VMware Virtual 8086 - Linux Local Ring0
https://notcve.org/view.php?id=CVE-2009-2267
02 Nov 2009 — VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is used, do not properly set the exception code upon a page fault (aka #PF) exception, which allows guest OS users to gain privileges on the guest OS by ... • https://www.exploit-db.com/exploits/10207 •
CVSS: 6.5EPSS: 0%CPEs: 101EXPL: 0CVE-2009-1805
https://notcve.org/view.php?id=CVE-2009-1805
01 Jun 2009 — Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, when the Descheduled Time Accounting Service is not running, allows guest OS users on Windows to cause a denial of service via unknown vectors. Vulnerabil... • http://secunia.com/advisories/35269 •
CVSS: 8.8EPSS: 0%CPEs: 93EXPL: 1CVE-2009-1244
https://notcve.org/view.php?id=CVE-2009-1244
13 Apr 2009 — Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to execute arbitrary code on the host OS via unknown vectors, a different vulnerability than CVE-2008-4916. Una vulnerabilidad no especificada en ... • https://github.com/piotrbania/vmware_exploit_pack_CVE-2009-1244 •
CVSS: 7.1EPSS: 0%CPEs: 77EXPL: 0CVE-2009-1146
https://notcve.org/view.php?id=CVE-2009-1146
06 Apr 2009 — Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3761. Vulnerabilidad no especificada en un ioctl de hcmon.sys de VMware Workstation v6.5.1 y anteriores, VMware Player v2.5.1 y anteriores, VMware ACE v2.5.1 y an... • http://lists.vmware.com/pipermail/security-announce/2009/000054.html •
CVSS: 7.8EPSS: 0%CPEs: 83EXPL: 0CVE-2009-1147
https://notcve.org/view.php?id=CVE-2009-1147
06 Apr 2009 — Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors. Vulnerabilidad no especificada en el archivo vmci.sys en la Virtual Machine Communication Interface (VMCI) en VMware Workstation v6.5.1 y anteriores, VMware Player v2.5.1 y anteriores, VMware ACE 2.5.1 y ant... • http://lists.vmware.com/pipermail/security-announce/2009/000054.html •
CVSS: 6.5EPSS: 0%CPEs: 71EXPL: 0CVE-2008-4916
https://notcve.org/view.php?id=CVE-2008-4916
06 Apr 2009 — Unspecified vulnerability in a guest virtual device driver in VMware Workstation before 5.5.9 build 126128, and 6.5.1 and earlier 6.x versions; VMware Player before 1.0.9 build 126128, and 2.5.1 and earlier 2.x versions; VMware ACE before 1.0.8 build 125922, and 2.5.1 and earlier 2.x versions; VMware Server 1.x before 1.0.8 build 126538 and 2.0.x before 2.0.1 build 156745; VMware Fusion before 2.0.1; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS users to cause a denial of service (ho... • http://lists.vmware.com/pipermail/security-announce/2009/000054.html •
CVSS: 7.8EPSS: 0%CPEs: 37EXPL: 0CVE-2008-0967
https://notcve.org/view.php?id=CVE-2008-0967
05 Jun 2008 — Untrusted search path vulnerability in vmware-authd in VMware Workstation 5.x before 5.5.7 build 91707 and 6.x before 6.0.4 build 93057, VMware Player 1.x before 1.0.7 build 91707 and 2.x before 2.0.4 build 93057, and VMware Server before 1.0.6 build 91891 on Linux, and VMware ESXi 3.5 and VMware ESX 2.5.4 through 3.5, allows local users to gain privileges via a library path option in a configuration file. Vulnerabilidad de ruta de búsqueda no confiable en vmware-authd en VMware Workstation versión 5.x ante... • http://labs.idefense.com/intelligence/vulnerabilities/display.php?id=713 •