Filtered by vendor Vmware
Subscriptions
Filtered by product Workstation Pro
Subscriptions
Total
27 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-4898 | 1 Vmware | 2 Workstation Player, Workstation Pro | 2024-08-05 | N/A |
| VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable. Successful exploitation of this issue may allow normal users to escalate privileges to System in the host machine where VMware Workstation is installed. | ||||
| CVE-2020-3989 | 1 Vmware | 3 Horizon Client, Workstation Player, Workstation Pro | 2024-08-04 | 3.3 Low |
| VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to create a partial denial-of-service condition on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client. | ||||
| CVE-2020-3988 | 1 Vmware | 3 Horizon Client, Workstation Player, Workstation Pro | 2024-08-04 | 6.1 Medium |
| VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. | ||||
| CVE-2020-3987 | 1 Vmware | 3 Horizon Client, Workstation Player, Workstation Pro | 2024-08-04 | 6.1 Medium |
| VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. | ||||
| CVE-2020-3986 | 1 Vmware | 3 Horizon Client, Workstation Player, Workstation Pro | 2024-08-04 | 6.1 Medium |
| VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. | ||||
| CVE-2020-3990 | 1 Vmware | 3 Horizon Client, Workstation Player, Workstation Pro | 2024-08-04 | 6.5 Medium |
| VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client. | ||||
| CVE-2021-22040 | 1 Vmware | 5 Cloud Foundation, Esxi, Fusion and 2 more | 2024-08-03 | 6.7 Medium |
| VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | ||||