Vulnerabilities > Vmware > Workstation > 17.5.1
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-04 | CVE-2025-22224 | Unspecified vulnerability in VMWare products VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | 8.2 |
| 2025-03-04 | CVE-2025-22226 | Unspecified vulnerability in VMWare products VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process. | 6.0 |
| 2024-05-14 | CVE-2024-22267 | Use After Free vulnerability in VMWare Fusion and Workstation VMware Workstation and Fusion contain a use-after-free vulnerability in the vbluetooth device. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | 8.2 |
| 2024-05-14 | CVE-2024-22268 | Out-of-bounds Write vulnerability in VMWare Fusion and Workstation VMware Workstation and Fusion contain a heap buffer-overflow vulnerability in the Shader functionality. A malicious actor with non-administrative access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to create a denial of service condition. | 6.5 |