Vulnerabilities > Vmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-18 | CVE-2018-15756 | Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource. | 7.5 |
| 2018-10-16 | CVE-2018-6974 | Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. | 8.8 |
| 2018-10-09 | CVE-2018-6977 | Infinite Loop vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7, 6.5, 6.0), Workstation (15.x and 14.x) and Fusion (11.x and 10.x) contain a denial-of-service vulnerability due to an infinite loop in a 3D-rendering shader. | 6.5 |
| 2018-10-05 | CVE-2018-6979 | Unspecified vulnerability in VMWare Airwatch Console The VMware Workspace ONE Unified Endpoint Management Console (A/W Console) 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. | 7.4 |
| 2018-09-14 | CVE-2018-11087 | Improper Certificate Validation vulnerability in multiple products Pivotal Spring AMQP, 1.x versions prior to 1.7.10 and 2.x versions prior to 2.0.6, expose a man-in-the-middle vulnerability due to lack of hostname validation. | 5.9 |
| 2018-09-11 | CVE-2018-6976 | Missing Encryption of Sensitive Data vulnerability in VMWare Workspace ONE The VMware Content Locker for iOS prior to 4.14 contains a data protection vulnerability in the SQLite database. | 5.3 |
| 2018-09-11 | CVE-2018-6975 | Missing Encryption of Sensitive Data vulnerability in VMWare Intelligent HUB The AirWatch Agent for iOS prior to 5.8.1 contains a data protection vulnerability whereby the files and keychain entries in the Agent are not encrypted. | 5.5 |
| 2018-08-15 | CVE-2018-6973 | Out-of-bounds Write vulnerability in VMWare Fusion and Workstation VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. | 8.8 |
| 2018-08-13 | CVE-2018-6970 | Out-of-bounds Read vulnerability in VMWare Horizon Client and Horizon View VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. | 6.5 |
| 2018-07-25 | CVE-2018-6972 | NULL Pointer Dereference vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-201806401-BG, 6.5 before ESXi650-201806401-BG, 6.0 before ESXi600-201806401-BG and 5.5 before ESXi550-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain a denial-of-service vulnerability due to NULL pointer dereference issue in RPC handler. | 6.5 |