Vulnerabilities > Vmware > Workstation > Medium

DATE CVE VULNERABILITY TITLE RISK
2023-10-20 CVE-2023-34044 Out-of-bounds Read vulnerability in VMWare Fusion and Workstation
VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine. A malicious actor with local administrative privileges on a virtual machine may be able to read privileged information contained in hypervisor memory from a virtual machine.
local
low complexity
vmware CWE-125
6.0
6.0
2023-04-25 CVE-2023-20870 Out-of-bounds Read vulnerability in VMWare Fusion and Workstation
VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
local
low complexity
vmware CWE-125
6.0
6.0
2022-08-10 CVE-2022-22983 Insufficiently Protected Credentials vulnerability in VMWare Workstation
VMware Workstation (16.x prior to 16.2.4) contains an unprotected storage of credentials vulnerability.
local
low complexity
vmware CWE-522
5.9
5.9
2022-02-16 CVE-2021-22041 Unspecified vulnerability in VMWare products
VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller.
local
low complexity
vmware
6.7
6.7
2022-01-28 CVE-2022-22938 Unspecified vulnerability in VMWare Horizon and Workstation
VMware Workstation (16.x prior to 16.2.2) and Horizon Client for Windows (5.x prior to 5.5.3) contains a denial-of-service vulnerability in the Cortado ThinPrint component.
local
low complexity
vmware
6.5
6.5
2021-05-24 CVE-2021-21987 Out-of-bounds Read vulnerability in VMWare Horizon Client and Workstation
VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser).
local
low complexity
vmware CWE-125
6.5
6.5
2021-05-24 CVE-2021-21988 Out-of-bounds Read vulnerability in VMWare Horizon Client and Workstation
VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser).
local
low complexity
vmware CWE-125
6.5
6.5
2021-05-24 CVE-2021-21989 Out-of-bounds Read vulnerability in VMWare Horizon Client and Workstation
VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser).
local
low complexity
vmware CWE-125
6.5
6.5
2020-12-21 CVE-2020-3999 Improper Input Validation vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo.
local
low complexity
vmware CWE-20
6.5
6.5
2020-10-20 CVE-2020-3995 Memory Leak vulnerability in VMWare products
In VMware ESXi (6.7 before ESXi670-201908101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x before 15.1.0), Fusion (11.x before 11.1.0), the VMCI host drivers used by VMware hypervisors contain a memory leak vulnerability.
network
high complexity
vmware CWE-401
5.3
5.3