Vulnerabilities > Vmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-01-15 | CVE-2020-3941 | Race Condition vulnerability in VMWare Tools The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. | 7.0 |
| 2020-01-02 | CVE-2016-1000027 | Deserialization of Untrusted Data vulnerability in VMWare Spring Framework Pivotal Spring Framework through 5.3.16 suffers from a potential remote code execution (RCE) issue if used for Java deserialization of untrusted data. | 9.8 |
| 2019-12-23 | CVE-2019-5539 | Uncontrolled Search Path Element vulnerability in VMWare Horizon View Agent and Workstation VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. | 7.8 |
| 2019-12-06 | CVE-2019-5544 | Out-of-bounds Write vulnerability in multiple products OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. | 9.8 |
| 2019-12-05 | CVE-2019-5098 | Out-of-bounds Read vulnerability in multiple products An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. | 8.6 |
| 2019-11-22 | CVE-2019-11291 | Cross-site Scripting vulnerability in multiple products Pivotal RabbitMQ, 3.7 versions prior to v3.7.20 and 3.8 version prior to v3.8.1, and RabbitMQ for PCF, 1.16.x versions prior to 1.16.7 and 1.17.x versions prior to 1.17.4, contain two endpoints, federation and shovel, which do not properly sanitize user input. | 4.8 |
| 2019-11-20 | CVE-2019-5542 | Unspecified vulnerability in VMWare Fusion and Workstation VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain a denial-of-service vulnerability in the RPC handler. | 7.7 |
| 2019-11-20 | CVE-2019-5541 | Out-of-bounds Write vulnerability in VMWare Fusion and Workstation VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an out-of-bounds write vulnerability in the e1000e virtual network adapter. | 9.1 |
| 2019-11-20 | CVE-2019-5540 | Memory Leak vulnerability in VMWare Fusion and Workstation VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain an information disclosure vulnerability in vmnetdhcp. | 7.7 |
| 2019-10-29 | CVE-2019-5533 | Incorrect Authorization vulnerability in VMWare Sd-Wan BY Velocloud In VMware SD-WAN by VeloCloud versions 3.x prior to 3.3.0, the VeloCloud Orchestrator parameter authorization check mistakenly allows enterprise users to obtain information of Managed Service Provider accounts. | 4.3 |