Vmware Workstation vulnerabilities

225 known vulnerabilities affecting vmware/workstation.

Total CVEs

225

CISA KEV

actively exploited

Public exploits

Exploited in wild

Severity breakdown

CRITICAL32HIGH90MEDIUM88LOW15

Vulnerabilities

Page 9 of 12

CVE-2010-1138MEDIUMCVSS 5.0v7.0v6.5.0+3 more2010-04-12

CVE-2010-1138 [MEDIUM] CWE-200 CVE-2010-1138: The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation The virtual networking stack in VMware Workstation 7.0 before 7.0.1 build 227600, VMware Workstation 6.5.x before 6.5.4 build 246459 on Windows, VMware Player 3.0 before 3.0.1 build 227600, VMware Player 2.5.x before 2.5.4 build 246459 on Windows, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware Server 2.x, and VMwa

nvd

CVE-2009-2267MEDIUMCVSS 6.9PoCv6.5.0v6.5.1+1 more2009-11-02

CVE-2009-2267 [MEDIUM] CVE-2009-2267: VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, V VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, VMware ACE 2.5.x before 2.5.3 build 185404, VMware Server 1.x before 1.0.10 build 203137 and 2.x before 2.0.2 build 203138, VMware Fusion 2.x before 2.0.6 build 196839, VMware ESXi 3.5 and 4.0, and VMware ESX 2.5.5, 3.0.3, 3.5, and 4.0, when Virtual-8086 mode is

nvd

CVE-2009-3707MEDIUMCVSS 5.0PoCv6.5.0v6.5.1+5 more2009-10-16

CVE-2009-3707 [MEDIUM] CWE-134 CVE-2009-3707: VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware W VMware Authentication Daemon 1.0 in vmware-authd.exe in the VMware Authorization Service in VMware Workstation 7.0 before 7.0.1 build 227600 and 6.5.x before 6.5.4 build 246459, VMware Player 3.0 before 3.0.1 build 227600 and 2.5.x before 2.5.4 build 246459, VMware ACE 2.6 before 2.6.1 build 227600 and 2.5.x before 2.5.4 build 246459, and VMware Serve

nvd

CVE-2009-2628CRITICALCVSS 9.3v6.5v6.5.0+2 more2009-09-08

CVE-2009-2628 [CRITICAL] CWE-94 CVE-2009-2628: The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstati The VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows does not properly handle certain small heights in video content, which might allow remote attackers to execute

nvd

CVE-2009-0199CRITICALCVSS 9.3v6.5v6.5.0+2 more2009-09-08

CVE-2009-0199 [CRITICAL] CWE-119 CVE-2009-0199: Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 Heap-based buffer overflow in the VMnc media codec in vmnc.dll in VMware Movie Decoder before 6.5.3 build 185404, VMware Workstation 6.5.x before 6.5.3 build 185404, VMware Player 2.5.x before 2.5.3 build 185404, and VMware ACE 2.5.x before 2.5.3 build 185404 on Windows might allow remote attackers to execute arbitrary code via a video file with craf

nvd

CVE-2009-1805MEDIUMCVSS 4.0≤ 6.5.1v1.0.1+43 more2009-06-01

CVE-2009-1805 [MEDIUM] CVE-2009-1805: Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5 Unspecified vulnerability in the VMware Descheduled Time Accounting driver in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745, VMware Fusion 2.x before 2.0.2 build 147997, VMware ESXi 3.5, and VMware ESX 3.0.2, 3.0.3, and 3.5, whe

nvd

CVE-2009-1244MEDIUMCVSS 6.8≤ 6.5.1v1.0.1+33 more2009-04-13

CVE-2009-1244 [MEDIUM] CVE-2009-1244: Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and ea Unspecified vulnerability in the virtual machine display function in VMware Workstation 6.5.1 and earlier; VMware Player 2.5.1 and earlier; VMware ACE 2.5.1 and earlier; VMware Server 1.x before 1.0.9 build 156507 and 2.x before 2.0.1 build 156745; VMware Fusion before 2.0.4 build 159196; VMware ESXi 3.5; and VMware ESX 3.0.2, 3.0.3, and 3.5 allows guest OS u

nvd

CVE-2009-0909CRITICALCVSS 9.3v6.5.12009-04-06

CVE-2009-0909 [CRITICAL] CWE-119 CVE-2009-0909: Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-435.

nvd

CVE-2009-1147HIGHCVSS 7.2v1.0.1v1.0.2+41 more2009-04-06

CVE-2009-1147 [HIGH] CVE-2009-1147: Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMwar Unspecified vulnerability in vmci.sys in the Virtual Machine Communication Interface (VMCI) in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 2.0.x before 2.0.1 build 156745 allows local users to gain privileges via unknown vectors.

nvd

CVE-2009-1146MEDIUMCVSS 4.9≤ 6.5.1v1.0.1+31 more2009-04-06

CVE-2009-1146 [MEDIUM] CVE-2009-1146: Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware P Unspecified vulnerability in an ioctl in hcmon.sys in VMware Workstation 6.5.1 and earlier, VMware Player 2.5.1 and earlier, VMware ACE 2.5.1 and earlier, and VMware Server 1.0.x before 1.0.9 build 156507 and 2.0.x before 2.0.1 build 156745 allows local users to cause a denial of service via unknown vectors, a different vulnerability than CVE-2008-3761.

nvd

CVE-2009-0910MEDIUMCVSS 6.8v6.5.12009-04-06

CVE-2009-0910 [MEDIUM] CWE-119 CVE-2009-0910: Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, Heap-based buffer overflow in the VNnc Codec in VMware Workstation 6.5.x before 6.5.2 build 156735, VMware Player 2.5.x before 2.5.2 build 156735, VMware ACE 2.5.x before 2.5.2 build 156735, and VMware Server 2.0.x before 2.0.1 build 156745 allows remote attackers to execute arbitrary code via a crafted web page or video file, aka ZDI-CAN-436.

nvd

CVE-2008-4917HIGHCVSS 7.2≥ 5.5, ≤ 5.5.8≥ 6.0, ≤ 6.0.52008-12-09

CVE-2008-4917 [HIGH] CWE-399 CVE-2008-4917: Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x version Unspecified vulnerability in VMware Workstation 5.5.8 and earlier, and 6.0.5 and earlier 6.x versions; VMware Player 1.0.8 and earlier, and 2.0.5 and earlier 2.x versions; VMware Server 1.0.9 and earlier; VMware ESXi 3.5; and VMware ESX 3.0.2 through 3.5 allows guest OS users to have an unknown impact by sending the virtual hardware a request that trigg

nvd

CVE-2008-4915MEDIUMCVSS 6.9≥ 5.5, ≤ 5.5.8≥ 6.0, ≤ 6.0.52008-11-10

CVE-2008-4915 [MEDIUM] CWE-264 CVE-2008-4915: The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0 The CPU hardware emulation in VMware Workstation 6.0.5 and earlier and 5.5.8 and earlier; Player 2.0.x through 2.0.5 and 1.0.x through 1.0.8; ACE 2.0.x through 2.0.5 and earlier, and 1.0.x through 1.0.7; Server 1.0.x through 1.0.7; ESX 2.5.4 through 3.5; and ESXi 3.5, when running 32-bit and 64-bit guest operating systems, does not properly handle the

nvd

CVE-2008-4279MEDIUMCVSS 6.8≥ 5.5, < 5.5.8≥ 6.0, < 6.0.52008-10-06

CVE-2008-4279 [MEDIUM] CWE-264 CVE-2008-4279: The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0 The CPU hardware emulation for 64-bit guest operating systems in VMware Workstation 6.0.x before 6.0.5 build 109488 and 5.x before 5.5.8 build 108000; Player 2.0.x before 2.0.5 build 109488 and 1.x before 1.0.8; Server 1.x before 1.0.7 build 108231; and ESX 2.5.4 through 3.5 allows authenticated guest OS users to gain additional guest OS privileges by

nvd

CVE-2008-3696CRITICALCVSS 10.0≥ 5.5, < 5.5.8≥ 6.0, < 6.0.52008-09-03

CVE-2008-3696 [CRITICAL] CVE-2008-3696: Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 buil Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server befor

nvd

CVE-2008-3691CRITICALCVSS 10.0≥ 5.5, < 5.5.8≥ 6.0, < 6.0.52008-09-03

CVE-2008-3691 [CRITICAL] CVE-2008-3691: Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 buil Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server befor

nvd

CVE-2008-3892CRITICALCVSS 10.0PoC≥ 5.5, < 5.5.8≥ 6.0, < 6.0.52008-09-03

CVE-2008-3892 [CRITICAL] CVE-2008-3892: Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 Buffer overflow in a certain ActiveX control in the COM API in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server

nvd

CVE-2008-3694CRITICALCVSS 10.0≥ 5.5, < 5.5.8≥ 6.0, < 6.0.52008-09-03

CVE-2008-3694 [CRITICAL] CVE-2008-3694: Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 buil Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server befor

nvd

CVE-2008-3692CRITICALCVSS 10.0≥ 5.5, < 5.5.8≥ 6.0, < 6.0.52008-09-03

CVE-2008-3692 [CRITICAL] CVE-2008-3692: Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 buil Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server befor

nvd

CVE-2008-3693CRITICALCVSS 10.0≥ 5.5, < 5.5.8≥ 6.0, < 6.0.52008-09-03

CVE-2008-3693 [CRITICAL] CVE-2008-3693: Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 buil Unspecified vulnerability in a certain ActiveX control in VMware Workstation 5.5.x before 5.5.8 build 108000, VMware Workstation 6.0.x before 6.0.5 build 109488, VMware Player 1.x before 1.0.8 build 108000, VMware Player 2.x before 2.0.5 build 109488, VMware ACE 1.x before 1.0.7 build 108880, VMware ACE 2.x before 2.0.5 build 109488, and VMware Server befor

nvd

← Previous9 / 12Next →