Vulnerabilities > Vmware
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2016-12-29 | CVE-2016-7083 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Workstation Player and Workstation PRO VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via TrueType fonts embedded in EMFSPOOL. | 5.9 |
| 2016-12-29 | CVE-2016-7082 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Workstation Player and Workstation PRO VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via an EMF file. | 5.9 |
| 2016-12-29 | CVE-2016-7081 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Workstation Player and Workstation PRO Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors. | 6.9 |
| 2016-12-29 | CVE-2016-7080 | NULL Pointer Dereference vulnerability in VMWare Tools The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7079. | 4.6 |
| 2016-12-29 | CVE-2016-7079 | NULL Pointer Dereference vulnerability in VMWare Tools The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7080. | 4.6 |
| 2016-12-29 | CVE-2016-5334 | Exposure of Resource to Wrong Sphere vulnerability in VMWare Identity Manager and Vrealize Automation VMware Identity Manager 2.x before 2.7.1 and vRealize Automation 7.x before 7.2.0 allow remote attackers to read /SAAS/WEB-INF and /SAAS/META-INF files via unspecified vectors. | 5.0 |
| 2016-12-29 | CVE-2016-5329 | Information Exposure vulnerability in VMWare Fusion VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors. | 2.1 |
| 2016-12-29 | CVE-2016-5328 | Information Exposure vulnerability in VMWare Tools VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors. | 2.1 |
| 2016-08-31 | CVE-2016-5336 | Remote Code Execution vulnerability in VMware vRealize Automation 7.0/7.0.1 VMware vRealize Automation 7.0.x before 7.1 allows remote attackers to execute arbitrary code via unspecified vectors. | 7.5 |
| 2016-08-31 | CVE-2016-5335 | Unspecified vulnerability in VMWare Identity Manager and Vrealize Automation VMware Identity Manager 2.x before 2.7 and vRealize Automation 7.0.x before 7.1 allow local users to obtain root access via unspecified vectors. | 7.2 |