Vulnerabilities (CVE)

Join the Common Vulnerabilities and Exposures (CVE) community and start to get notified about new vulnerabilities.

Filtered by vendor Vmware Subscribe
Filtered by product Workstation Pro
Total 27 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-7086 2 Microsoft, Vmware 3 Windows, Workstation Player, Workstation Pro 2017-07-29 7.2 HIGH 7.8 HIGH
The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse setup64.exe file in the installation directory.
CVE-2016-7081 2 Microsoft, Vmware 3 Windows, Workstation Player, Workstation Pro 2017-07-29 6.9 MEDIUM 7.8 HIGH
Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS via unspecified vectors.
CVE-2016-7082 2 Microsoft, Vmware 3 Windows, Workstation Player, Workstation Pro 2017-07-29 5.9 MEDIUM 7.8 HIGH
VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virtual printing is enabled, allow guest OS users to execute arbitrary code on the host OS or cause a denial of service (host OS memory corruption) via an EMF file.
CVE-2016-7085 2 Microsoft, Vmware 3 Windows, Workstation Player, Workstation Pro 2017-07-29 7.2 HIGH 7.8 HIGH
Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows local users to gain privileges via a Trojan horse DLL in an unspecified directory.
CVE-2016-7461 2 Microsoft, Vmware 5 Windows, Fusion, Fusion Pro and 2 more 2017-07-27 7.2 HIGH 8.8 HIGH
The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion Pro 8.x before 8.5.2 allows guest OS users to execute arbitrary code on the host OS or cause a denial of service (out-of-bounds memory access on the host OS) via unspecified vectors.
CVE-2017-4899 1 Vmware 2 Workstation Player, Workstation Pro 2017-07-17 1.9 LOW 4.7 MEDIUM
VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may exploit this issue to crash the VM or trigger an out-of-bound read. Note: This issue can be triggered only when the host has no graphics card or no graphics drivers are installed.
CVE-2017-4900 1 Vmware 2 Workstation Player, Workstation Pro 2017-07-17 2.1 LOW 5.5 MEDIUM
VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver. Successful exploitation of this issue may allow attackers with normal user privileges to crash their VMs.