Every CVE whose affected-product data names Vmware Tools, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (22)
CVE-2021-21999 — CVSS 7.8 (high): VMware Tools for Windows (11.x.y prior to 11.2.6), VMware Remote Console for Windows (12.x prior to 12.0.1) , VMware App Volumes (2.x prior…
CVE-2022-31676 — CVSS 7.8 (high): VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local…
CVE-2023-34057 — CVSS 7.8 (high): VMware Tools contains a local privilege escalation vulnerability. A malicious actor with local user access to a guest virtual machine may…
CVE-2016-5330 — CVSS 7.8 (high): Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware…
CVE-2016-7079 — CVSS 7.8 (high): The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a…
CVE-2016-7080 — CVSS 7.8 (high): The graphic acceleration functions in VMware Tools 9.x and 10.x before 10.0.9 on OS X allow local users to gain privileges or cause a…
CVE-2022-22977 — CVSS 7.1 (high): VMware Tools for Windows(12.0.0, 11.x.y and 10.x.y) contains an XML External Entity (XXE) vulnerability. A malicious actor with…
CVE-2023-34058 — CVSS 7.1 (high): VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges…
CVE-2019-5522 — CVSS 7.1 (high): VMware Tools for Windows update addresses an out of bounds read vulnerability in vm3dmp driver which is installed with vmtools in Windows…
CVE-2023-20900 — CVSS 7.1 (high): A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952…
CVE-2018-6969 — CVSS 7.0 (high): VMware Tools (10.x and prior before 10.3.0) contains an out-of-bounds read vulnerability in HGFS. Successful exploitation of this issue may…
CVE-2020-3941 — CVSS 7.0 (high): The repair operation of VMware Tools for Windows 10.x.y has a race condition which may allow for privilege escalation in the Virtual…
CVE-2015-5191 — CVSS 6.7 (medium): VMware Tools prior to 10.0.9 contains multiple file system races in libDeployPkg, related to the use of hard-coded paths under /tmp…
CVE-2022-22943 — CVSS 6.7 (medium): VMware Tools for Windows (11.x.y and 10.x.y prior to 12.0.0) contains an uncontrolled search path vulnerability. A malicious actor with…
CVE-2014-4199 — CVSS 6.3 (medium): vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, allows local users to write to…
CVE-2022-31693 — CVSS 5.5 (medium): VMware Tools for Windows (12.x.y prior to 12.1.5, 11.x.y and 10.x.y) contains a denial-of-service vulnerability in the VM3DMP driver. A…
CVE-2021-21997 — CVSS 5.5 (medium): VMware Tools for Windows (11.x.y prior to 11.3.0) contains a denial-of-service vulnerability in the VM3DMP driver. A malicious actor with…
CVE-2016-5328 — CVSS 5.5 (medium): VMware Tools 9.x and 10.x before 10.1.0 on OS X, when System Integrity Protection (SIP) is enabled, allows local users to determine kernel…
CVE-2014-4200 — CVSS 4.7 (medium): vm-support 0.88 in VMware Tools, as distributed with VMware Workstation through 10.0.3 and other products, uses 0644 permissions for the…
CVE-2020-3972 — CVSS 3.3 (low): VMware Tools for macOS (11.x.x and prior before 11.1.1) contains a denial-of-service vulnerability in the Host-Guest File System (HGFS)…