Vulnerabilities > Vmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-11-17 | CVE-2017-4939 | Untrusted Search Path vulnerability in VMWare Workstation VMware Workstation (12.x before 12.5.8) installer contains a DLL hijacking issue that exists due to some DLL files loaded by the application improperly. | 7.8 |
| 2017-11-17 | CVE-2017-4938 | NULL Pointer Dereference vulnerability in VMWare Fusion and Workstation VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a guest RPC NULL pointer dereference vulnerability. | 6.5 |
| 2017-11-17 | CVE-2017-4937 | Out-of-bounds Read vulnerability in VMWare Horizon View and Workstation VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. | 7.8 |
| 2017-11-17 | CVE-2017-4936 | Out-of-bounds Read vulnerability in VMWare Horizon View and Workstation VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. | 7.8 |
| 2017-11-17 | CVE-2017-4935 | Out-of-bounds Write vulnerability in VMWare Horizon View and Workstation VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds write vulnerability in JPEG2000 parser in the TPView.dll. | 7.8 |
| 2017-11-17 | CVE-2017-4934 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Fusion and Workstation VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a heap buffer-overflow vulnerability in VMNAT device. | 8.8 |
| 2017-11-17 | CVE-2017-4929 | Cross-site Scripting vulnerability in VMWare NSX Edge VMware NSX Edge (6.2.x before 6.2.9 and 6.3.x before 6.3.5) contains a moderate Cross-Site Scripting (XSS) issue which may lead to information disclosure. | 6.1 |
| 2017-11-17 | CVE-2017-4928 | Server-Side Request Forgery (SSRF) vulnerability in VMWare Vcenter Server 5.5/6.0 The flash-based vSphere Web Client (6.0 prior to 6.0 U3c and 5.5 prior to 5.5 U3f) i.e. | 7.5 |
| 2017-11-17 | CVE-2017-4927 | LDAP Injection vulnerability in VMWare Vcenter Server 6.0/6.5 VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) does not correctly handle specially crafted LDAP network packets which may allow for remote denial of service. | 7.5 |
| 2017-11-16 | CVE-2017-4932 | Unspecified vulnerability in VMWare Airwatch Launcher VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnerability that could allow an escalation of privilege from the launcher UI context menu to native UI functionality and privilege. | 7.8 |