Vulnerabilities > Vmware > Workstation PRO > 12.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-03-15 | CVE-2018-6957 | Missing Release of Resource after Effective Lifetime vulnerability in VMWare Fusion, Workstation Player and Workstation PRO VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can be triggered by opening a large number of VNC sessions. | 5.3 |
| 2017-12-20 | CVE-2017-4933 | Out-of-bounds Write vulnerability in VMWare Esxi, Fusion and Workstation PRO VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an authenticated VNC session to cause a heap overflow via a specific set of VNC packets resulting in heap corruption. | 8.8 |
| 2017-09-15 | CVE-2017-4925 | NULL Pointer Dereference vulnerability in VMWare products VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-201709101-SG, Workstation (12.x before 12.5.3), Fusion (8.x before 8.5.4) contain a NULL pointer dereference vulnerability. | 5.5 |
| 2017-09-15 | CVE-2017-4924 | Out-of-bounds Write vulnerability in VMWare Esxi, Fusion and Workstation PRO VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. | 8.8 |
| 2017-06-07 | CVE-2017-4905 | Use of Uninitialized Resource vulnerability in VMWare products VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have uninitialized memory usage. | 5.5 |
| 2017-06-07 | CVE-2017-4904 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare products The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 has uninitialized memory usage. | 8.8 |
| 2017-06-07 | CVE-2017-4903 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare products VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch ESXi600-201703402-SG, and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have an uninitialized stack memory usage in SVGA. | 8.8 |
| 2017-06-07 | CVE-2017-4902 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare products VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. | 8.8 |