Vulnerabilities > Vmware > Workstation PRO
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2022-02-16 | CVE-2021-22040 | Use After Free vulnerability in VMWare products VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. | 4.6 |
| 2020-09-16 | CVE-2020-3990 | Integer Overflow or Wraparound vulnerability in VMWare Horizon Client, Workstation Player and Workstation PRO VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. | 2.1 |
| 2020-09-16 | CVE-2020-3989 | Out-of-bounds Write vulnerability in VMWare Horizon Client, Workstation Player and Workstation PRO VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write issue in Cortado ThinPrint component. | 2.1 |
| 2020-09-16 | CVE-2020-3988 | Out-of-bounds Read vulnerability in VMWare Horizon Client, Workstation Player and Workstation PRO VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser). | 3.6 |
| 2020-09-16 | CVE-2020-3987 | Out-of-bounds Read vulnerability in VMWare Horizon Client, Workstation Player and Workstation PRO VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser). | 3.6 |
| 2020-09-16 | CVE-2020-3986 | Out-of-bounds Read vulnerability in VMWare Horizon Client, Workstation Player and Workstation PRO VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). | 3.6 |
| 2018-03-15 | CVE-2018-6957 | Missing Release of Resource after Effective Lifetime vulnerability in VMWare Fusion, Workstation Player and Workstation PRO VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. | 3.5 |
| 2017-12-20 | CVE-2017-4933 | Out-of-bounds Write vulnerability in VMWare Esxi, Fusion and Workstation PRO VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. | 6.0 |
| 2017-09-15 | CVE-2017-4925 | NULL Pointer Dereference vulnerability in VMWare products VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. | 2.1 |
| 2017-09-15 | CVE-2017-4924 | Out-of-bounds Write vulnerability in VMWare Esxi, Fusion and Workstation PRO VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. | 7.2 |