Vulnerabilities > Vmware > Tools > 10.0.6
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2023-06-07 | CVE-2022-31693 | Unspecified vulnerability in VMWare Tools VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. | 5.5 |
| 2022-08-23 | CVE-2022-31676 | Improper Privilege Management vulnerability in multiple products VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. | 7.8 |
| 2022-05-24 | CVE-2022-22977 | XXE vulnerability in VMWare Tools VMware Tools for Windows(12.0.0, 11.x.y and 10.x.y) contains an XML External Entity (XXE) vulnerability. | 7.1 |
| 2020-01-15 | CVE-2020-3941 | Race Condition vulnerability in VMWare Tools The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual Machine where Tools is installed. | 7.0 |
| 2019-06-06 | CVE-2019-5522 | Out-of-bounds Read vulnerability in VMWare Tools VMware Tools for Windows update addresses an out of bounds read vulnerability in vm3dmp driver which is installed with vmtools in Windows guest machines. | 7.1 |
| 2018-07-13 | CVE-2018-6969 | Out-of-bounds Read vulnerability in VMWare Tools VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. | 7.0 |
| 2017-07-28 | CVE-2015-5191 | Race Condition vulnerability in VMWare Tools VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp. | 6.7 |
| 2016-12-29 | CVE-2016-7080 | NULL Pointer Dereference vulnerability in VMWare Tools The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7079. | 7.8 |
| 2016-12-29 | CVE-2016-7079 | NULL Pointer Dereference vulnerability in VMWare Tools The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors, a different vulnerability than CVE-2016-7080. | 7.8 |
| 2016-12-29 | CVE-2016-5328 | 7PK - Security Features vulnerability in VMWare Tools VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel memory addresses and bypass the kASLR protection mechanism via unspecified vectors. | 5.5 |