Vulnerabilities > Vmware > Workstation Player > 12.1.0
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2017-06-07 | CVE-2017-4905 | Use of Uninitialized Resource vulnerability in VMWare products VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. | 2.1 |
| 2017-06-07 | CVE-2017-4904 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare products The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. | 7.2 |
| 2017-06-07 | CVE-2017-4903 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare products VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. | 7.2 |
| 2017-06-07 | CVE-2017-4902 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare products VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. | 7.2 |
| 2017-06-07 | CVE-2017-4900 | NULL Pointer Dereference vulnerability in VMWare Workstation Player and Workstation PRO VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. | 2.1 |
| 2017-06-07 | CVE-2017-4899 | Out-of-bounds Read vulnerability in VMWare Workstation Player and Workstation PRO VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. | 1.9 |
| 2017-06-07 | CVE-2017-4898 | DLL Loading Remote Code Execution vulnerability in Multiple VMware Workstation Products VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading DLLs from a path defined in the local environment-variable. local vmware | 6.9 |
| 2016-12-29 | CVE-2016-7461 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare products The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors. | 7.2 |
| 2016-12-29 | CVE-2016-7086 | Permissions, Privileges, and Access Controls vulnerability in VMWare Workstation Player and Workstation PRO The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory. | 7.2 |
| 2016-12-29 | CVE-2016-7085 | Untrusted Search Path vulnerability in VMWare Workstation Player and Workstation PRO Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory. | 7.2 |