Vulnerabilities > Vmware > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-03-16 | CVE-2020-3948 | Improper Privilege Management vulnerability in VMWare Fusion and Workstation Linux Guest VMs running on VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 11.5.2) contain a local privilege escalation vulnerability due to improper file permissions in Cortado Thinprint. | 4.6 |
| 2020-03-05 | CVE-2020-5405 | Path Traversal vulnerability in VMWare Spring Cloud Config Spring Cloud Config, versions 2.2.x prior to 2.2.2, versions 2.1.x prior to 2.1.7, and older unsupported versions allow applications to serve arbitrary configuration files through the spring-cloud-config-server module. | 4.3 |
| 2020-02-19 | CVE-2020-3945 | Information Exposure vulnerability in VMWare Vrealize Operations 6.6.0/6.7.0 vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. | 5.0 |
| 2020-02-19 | CVE-2020-3944 | Improper Authentication vulnerability in VMWare Vrealize Operations 6.6.0/6.7.0 vRealize Operations for Horizon Adapter (6.7.x prior to 6.7.1 and 6.6.x prior to 6.6.1) has an improper trust store configuration leading to authentication bypass. | 5.0 |
| 2020-01-25 | CVE-2019-5183 | Type Confusion vulnerability in AMD Atidxx64 26.20.13031.10003/26.20.13031.15006/26.20.13031.18002 An exploitable type confusion vulnerability exists in AMD ATIDXX64.DLL driver, versions 26.20.13031.10003, 26.20.13031.15006 and 26.20.13031.18002. | 6.8 |
| 2020-01-17 | CVE-2020-3940 | Improper Certificate Validation vulnerability in VMWare products VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability. | 4.3 |
| 2020-01-15 | CVE-2020-3941 | Race Condition vulnerability in VMWare Tools The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. | 4.4 |
| 2019-12-23 | CVE-2019-5539 | Untrusted Search Path vulnerability in VMWare Horizon View Agent and Workstation VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. | 4.4 |
| 2019-12-05 | CVE-2019-5098 | Out-of-bounds Read vulnerability in multiple products An exploitable out-of-bounds read vulnerability exists in AMD ATIDXX64.DLL driver, version 26.20.13001.29010. | 5.0 |
| 2019-11-20 | CVE-2019-5542 | Improper Input Validation vulnerability in VMWare Fusion and Workstation VMware Workstation (15.x before 15.5.1) and Fusion (11.x before 11.5.1) contain a denial-of-service vulnerability in the RPC handler. | 4.0 |