Vmware Workstation Player — known CVE vulnerabilities
Every CVE whose affected-product data names Vmware Workstation Player, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (26)
CVE-2016-7461 — CVSS 8.8 (high): The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and…
CVE-2017-4898 — CVSS 8.8 (high): VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading…
CVE-2017-4904 — CVSS 8.8 (high): The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch…
CVE-2017-4903 — CVSS 8.8 (high): VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG…
CVE-2017-4902 — CVSS 8.8 (high): VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to…
CVE-2016-7085 — CVSS 7.8 (high): Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before…
CVE-2016-7086 — CVSS 7.8 (high): The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users…
CVE-2016-5330 — CVSS 7.8 (high): Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware…
CVE-2016-7081 — CVSS 7.8 (high): Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on…
CVE-2016-7082 — CVSS 7.8 (high): VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual…
CVE-2016-7083 — CVSS 7.8 (high): VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual…
CVE-2016-7084 — CVSS 7.8 (high): tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint…
CVE-2020-3982 — CVSS 7.7 (high): VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x)…
CVE-2018-5511 — CVSS 7.2 (high): On F5 BIG-IP 13.1.0-13.1.0.3 or 13.0.0, when authenticated administrative users execute commands in the Traffic Management User Interface…
CVE-2021-22040 — CVSS 6.7 (medium): VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local…
CVE-2020-3990 — CVSS 6.5 (medium): VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an…
CVE-2017-4916 — CVSS 6.5 (medium): VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation…
CVE-2020-3986 — CVSS 6.1 (medium): VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado…
CVE-2020-3988 — CVSS 6.1 (medium): VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado…
CVE-2020-3987 — CVSS 6.1 (medium): VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado…
CVE-2017-4900 — CVSS 5.5 (medium): VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver…
CVE-2017-4905 — CVSS 5.5 (medium): VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG…
CVE-2018-6957 — CVSS 5.3 (medium): VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can…
CVE-2017-4899 — CVSS 4.7 (medium): VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit…
CVE-2020-3989 — CVSS 3.3 (low): VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an…