Vmware Fusion vulnerabilities

5 known vulnerabilities affecting vmware/vmware_fusion.

Total CVEs
5
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL1HIGH2MEDIUM1LOW1

Vulnerabilities

Page 1 of 1
CVE-2020-3957HIGHCVSS 7.0v11.x before 11.5.52020-05-29
CVE-2020-3957 [HIGH] CWE-367 CVE-2020-3957: VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizo VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener. Successful exploitation of this issue may allow attackers with normal user privileges to escalate
cvelistv5nvd
CVE-2020-3958MEDIUMCVSS 5.5v11.x before 11.5.22020-05-29
CVE-2020-3958 [MEDIUM] CWE-617 CVE-2020-3958: VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstatio VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2) contain a denial-of-service vulnerability in the shader functionality. Successful exploitation of this issue may allow attackers with non-administrative access to a virtual machine to crash t
cvelistv5nvd
CVE-2020-3959LOWCVSS 3.3v11.x before 11.1.02020-05-29
CVE-2020-3959 [LOW] CWE-401 CVE-2020-3959: VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstatio VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.1.0) and VMware Fusion (11.x before 11.1.0) contain a memory leak vulnerability in the VMCI module. A malicious actor with local non-administrative access to a virtual machine may be able to crash the virtual machine's vmx process leading
cvelistv5nvd
CVE-2019-5521CRITICALCVSS 9.6v11.x before 11.0.3v10.x before 10.1.62019-09-20
CVE-2019-5521 [CRITICAL] CWE-125 CVE-2019-5521: VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x be VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201903001), Workstation (15.x before 15.0.3 and 14.x before 14.1.6) and Fusion (11.x before 11.0.3 and 10.x before 10.1.6) contain an out-of-bounds read vulnerability in the pixel shader functionality. Successful exploitation of this issue may lead to information disclosure or may a
cvelistv5nvd
CVE-2019-5514HIGHCVSS 8.8v11.x before 11.0.32019-04-01
CVE-2019-5514 [HIGH] CWE-306 CVE-2019-5514: VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain unauthent VMware VMware Fusion (11.x before 11.0.3) contains a security vulnerability due to certain unauthenticated APIs accessible through a web socket. An attacker may exploit this issue by tricking the host user to execute a JavaScript to perform unauthorized functions on the guest machine where VMware Tools is installed. This may further be exploited to exec
cvelistv5nvd