Vulnerabilities > Vmware > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-18 | CVE-2018-15756 | Spring Framework, version 5.1, versions 5.0.x prior to 5.0.10, versions 4.3.x prior to 4.3.20, and older unsupported versions on the 4.2.x branch provide support for range requests when serving static resources through the ResourceHttpRequestHandler, or starting in 5.0 when an annotated controller returns an org.springframework.core.io.Resource. | 7.5 |
| 2018-10-16 | CVE-2018-6974 | Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-201810101-SG, 6.5 before ESXi650-201808401-BG, and 6.0 before ESXi600-201808401-BG), Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds read vulnerability in SVGA device. | 8.8 |
| 2018-10-05 | CVE-2018-6979 | Unspecified vulnerability in VMWare Airwatch Console The VMware Workspace ONE Unified Endpoint Management Console (A/W Console) 9.7.x prior to 9.7.0.3, 9.6.x prior to 9.6.0.7, 9.5.x prior to 9.5.0.16, 9.4.x prior to 9.4.0.22, 9.3.x prior to 9.3.0.25, 9.2.x prior to 9.2.3.27, and 9.1.x prior to 9.1.5.6 contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. | 7.4 |
| 2018-08-15 | CVE-2018-6973 | Out-of-bounds Write vulnerability in VMWare Fusion and Workstation VMware Workstation (14.x before 14.1.3) and Fusion (10.x before 10.1.3) contain an out-of-bounds write vulnerability in the e1000 device. | 8.8 |
| 2018-07-25 | CVE-2018-6971 | Information Exposure Through Log Files vulnerability in VMWare Horizon View Agents VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations). | 7.8 |
| 2018-07-13 | CVE-2018-6969 | Out-of-bounds Read vulnerability in VMWare Tools VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. | 7.0 |
| 2018-07-09 | CVE-2018-6967 | Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. | 8.1 |
| 2018-07-09 | CVE-2018-6966 | Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. | 8.1 |
| 2018-07-09 | CVE-2018-6965 | Out-of-bounds Read vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi (6.7 before ESXi670-201806401-BG), Workstation (14.x before 14.1.2), and Fusion (10.x before 10.1.2) contain an out-of-bounds read vulnerability in the shader translator. | 8.1 |
| 2018-06-25 | CVE-2018-11040 | Inclusion of Functionality from Untrusted Control Sphere vulnerability in multiple products Spring Framework, versions 5.0.x prior to 5.0.7 and 4.3.x prior to 4.3.18 and older unsupported versions, allows web applications to enable cross-domain requests via JSONP (JSON with Padding) through AbstractJsonpResponseBodyAdvice for REST controllers and MappingJackson2JsonView for browser requests. | 7.5 |