Vmware Workstation Pro — known CVE vulnerabilities
Every CVE whose affected-product data names Vmware Workstation Pro, ordered by CVSS severity, with EPSS exploit prediction and CISA KEV status.
CVEs (27)
CVE-2016-7461 — CVSS 8.8 (high): The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and…
CVE-2017-4898 — CVSS 8.8 (high): VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process loading…
CVE-2017-4933 — CVSS 8.8 (high): VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that…
CVE-2017-4924 — CVSS 8.8 (high): VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an…
CVE-2017-4902 — CVSS 8.8 (high): VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to…
CVE-2017-4903 — CVSS 8.8 (high): VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG…
CVE-2017-4904 — CVSS 8.8 (high): The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch…
CVE-2016-5330 — CVSS 7.8 (high): Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware…
CVE-2016-7081 — CVSS 7.8 (high): Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on…
CVE-2016-7082 — CVSS 7.8 (high): VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual…
CVE-2016-7083 — CVSS 7.8 (high): VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual…
CVE-2016-7084 — CVSS 7.8 (high): tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint…
CVE-2016-7085 — CVSS 7.8 (high): Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before…
CVE-2016-7086 — CVSS 7.8 (high): The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users…
CVE-2021-22040 — CVSS 6.7 (medium): VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local…
CVE-2017-4916 — CVSS 6.5 (medium): VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful exploitation…
CVE-2020-3990 — CVSS 6.5 (medium): VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an…
CVE-2020-3986 — CVSS 6.1 (medium): VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado…
CVE-2020-3987 — CVSS 6.1 (medium): VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado…
CVE-2020-3988 — CVSS 6.1 (medium): VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado…
CVE-2017-4925 — CVSS 5.5 (medium): VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch…
CVE-2017-4900 — CVSS 5.5 (medium): VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver…
CVE-2017-4905 — CVSS 5.5 (medium): VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG…
CVE-2018-6957 — CVSS 5.3 (medium): VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability which can…
CVE-2017-4899 — CVSS 4.7 (medium): VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit…
CVE-2020-3989 — CVSS 3.3 (low): VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an…