Vulnerabilities > Vmware > Workstation > Medium
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2025-03-04 | CVE-2025-22226 | Unspecified vulnerability in VMWare products VMware ESXi, Workstation, and Fusion contain an information disclosure vulnerability due to an out-of-bounds read in HGFS. A malicious actor with administrative privileges to a virtual machine may be able to exploit this issue to leak memory from the vmx process. | 6.0 |
| 2024-05-14 | CVE-2024-22268 | Out-of-bounds Write vulnerability in VMWare Fusion and Workstation VMware Workstation and Fusion contain a heap buffer-overflow vulnerability in the Shader functionality. A malicious actor with non-administrative access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to create a denial of service condition. | 6.5 |
| 2024-03-05 | CVE-2024-22252 | Use After Free vulnerability in VMWare Esxi, Fusion and Workstation VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX process running on the host. | 6.7 |
| 2023-10-20 | CVE-2023-34044 | Out-of-bounds Read vulnerability in VMWare Fusion and Workstation VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine. | 6.0 |
| 2023-04-25 | CVE-2023-20870 | Out-of-bounds Read vulnerability in VMWare Fusion and Workstation VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. | 6.0 |
| 2022-08-10 | CVE-2022-22983 | Insufficiently Protected Credentials vulnerability in VMWare Workstation VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability. | 5.9 |
| 2022-02-16 | CVE-2021-22041 | Unspecified vulnerability in VMWare products VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. | 6.7 |
| 2022-01-28 | CVE-2022-22938 | Unspecified vulnerability in VMWare Horizon and Workstation VMware Workstation (16.x prior to 16.2.2) and Horizon Client for Windows (5.x prior to 5.5.3) contains a denial-of-service vulnerability in the Cortado ThinPrint component. | 6.5 |
| 2021-05-24 | CVE-2021-21987 | Out-of-bounds Read vulnerability in VMWare Horizon Client and Workstation VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). | 6.5 |
| 2021-05-24 | CVE-2021-21988 | Out-of-bounds Read vulnerability in VMWare Horizon Client and Workstation VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). | 6.5 |