Workstation

DATE	CVE	VULNERABILITY TITLE	RISK
2017-06-08	CVE-2017-4909	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Horizon View and Workstation VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain a heap buffer-overflow vulnerability in TrueType Font (TTF) parser in the TPView.dll. local high complexity vmware CWE-119	7.8
2017-06-08	CVE-2017-4908	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Horizon View and Workstation VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. local high complexity vmware CWE-119	7.8
2017-06-08	CVE-2017-4901	Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Fusion and Workstation The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulnerability. network low complexity vmware CWE-119 critical	9.9
2016-05-18	CVE-2016-2077	Permissions, Privileges, and Access Controls vulnerability in VMWare Player and Workstation VMware Workstation 11.x before 11.1.3 and VMware Player 7.x before 7.1.3 on Windows incorrectly access an executable file, which allows host OS users to gain host OS privileges via unspecified vectors. network low complexity vmware CWE-264 critical	9.8
2016-01-09	CVE-2015-6933	Improper Access Control vulnerability in VMWare products The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7.1.2, and VMware ESXi 5.0 through 6.0 allows Windows guest OS users to gain guest OS privileges or cause a denial of service (guest OS kernel memory corruption) via unspecified vectors. network low complexity vmware CWE-284	6.3
2010-06-30	CVE-2010-2249	Memory Leak vulnerability in multiple products Memory leak in pngrutil.c in libpng before 1.2.44, and 1.4.x before 1.4.3, allows remote attackers to cause a denial of service (memory consumption and application crash) via a PNG image containing malformed Physical Scale (aka sCAL) chunks. network low complexity libpng apple fedoraproject suse opensuse vmware canonical debian CWE-401	6.5
2010-06-30	CVE-2010-1205	Classic Buffer Overflow vulnerability in multiple products Buffer overflow in pngpread.c in libpng before 1.2.44 and 1.4.x before 1.4.3, as used in progressive applications, might allow remote attackers to execute arbitrary code via a PNG image that triggers an additional data row. network low complexity libpng google apple fedoraproject suse opensuse vmware canonical debian mozilla CWE-120 critical	9.8