Vulnerabilities > Vmware > Low
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-05-10 | CVE-2017-4896 | Local Security Bypass vulnerability in VMWare Airwatch Inbox for Android Airwatch Inbox for Android contains a vulnerability that may allow a rooted device to decrypt the local data used by the application. | 2.1 |
| 2016-12-29 | CVE-2016-5328 | Information Exposure vulnerability in VMWare Tools VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors. | 2.1 |
| 2016-12-29 | CVE-2016-5329 | Information Exposure vulnerability in VMWare Fusion VMware Fusion 8.x before 8.5 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors. | 2.1 |
| 2016-12-29 | CVE-2016-7463 | Cross-site Scripting vulnerability in VMWare Esxi 5.5/6.0 Cross-site scripting (XSS) vulnerability in the Host Client in VMware vSphere Hypervisor (aka ESXi) 5.5 and 6.0 allows remote authenticated users to inject arbitrary web script or HTML via a crafted VM. | 3.5 |
| 2016-03-16 | CVE-2015-2344 | Cross-site Scripting vulnerability in VMWare Vrealize Automation Cross-site scripting (XSS) vulnerability in VMware vRealize Automation 6.x before 6.2.4 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
| 2016-03-16 | CVE-2016-2075 | Cross-site Scripting vulnerability in VMWare Vrealize Business Advanced and Enterprise Cross-site scripting (XSS) vulnerability in VMware vRealize Business Advanced and Enterprise 8.x before 8.2.5 on Linux allows remote authenticated users to inject arbitrary web script or HTML via unspecified vectors. | 3.5 |
| 2015-01-29 | CVE-2015-1043 | Improper Input Validation vulnerability in VMWare Fusion, Player and Workstation The Host Guest File System (HGFS) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware Fusion 6.x before 6.0.5 and 7.x before 7.0.1 allows guest OS users to cause a guest OS denial of service via unspecified vectors. | 3.3 |
| 2015-01-29 | CVE-2015-1044 | Denial Of Service vulnerability in VMWare Esxi, Player and Workstation vmware-authd (aka the Authorization process) in VMware Workstation 10.x before 10.0.5, VMware Player 6.x before 6.0.5, and VMware ESXi 5.0 through 5.5 allows attackers to cause a host OS denial of service via unspecified vectors. low complexity vmware | 3.3 |
| 2014-01-17 | CVE-2014-1208 | Local Denial Of Service vulnerability in Multiple VMWare Products VMware Workstation 9.x before 9.0.1, VMware Player 5.x before 5.0.1, VMware Fusion 5.x before 5.0.1, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1 allow guest OS users to cause a denial of service (VMX process disruption) by using an invalid port. low complexity vmware | 3.3 |
| 2012-12-05 | CVE-2009-2899 | Information Exposure vulnerability in VMWare Hyperic HQ 4.2 The monitor perl script in the Sybase database plug-in in SpringSource Hyperic HQ before 4.3 allows local users to obtain the database password by listing the process and its arguments. | 2.1 |