Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware tools vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2011-1681
vmware-hgfsmounter in VMware Open Virtual Machine Tools (aka open-vm-tools) 8.4.2-261024 and previous versions attempts to append to the /etc/mtab file without first checking whether resource limits would interfere, which allows local users to trigger corruption of this file via ...
Vmware Open-vm-tools
6.7
CVSSv3
CVE-2009-1142
An issue exists in open-vm-tools 2009.03.18-154848. Local users can gain privileges via a symlink attack on /tmp files if vmware-user-suid-wrapper is setuid root and the ChmodChownDirectory function is enabled.
Vmware Open Vm Tools 2009.03.18-154848
7
CVSSv3
CVE-2009-1143
An issue exists in open-vm-tools 2009.03.18-154848. Local users can bypass intended access restrictions on mounting shares via a symlink attack that leverages a realpath race condition in mount.vmhgfs (aka hgfsmounter).
Vmware Open-vm-tools 2009.03.18-154848
7.5
CVSSv3
CVE-2023-34058
VMware Tools contains a SAML token signature bypass vulnerability. A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be a...
Vmware Open Vm Tools
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Vmware Tools
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
5.5
CVSSv3
CVE-2023-39250
Dell Storage Integration Tools for VMware (DSITV) and Dell Storage vSphere Client Plugin (DSVCP) versions before 6.1.1 and Replay Manager for VMware (RMSV) versions before 3.1.2 contain an information disclosure vulnerability. A local low-privileged malicious user could potentia...
Dell Replay Manager For Vmware
Dell Storage Vsphere Client Plugin
Dell Storage Integration Tools For Vmware
NA
CVE-2010-4297
The VMware Tools update functionality in VMware Workstation 6.5.x prior to 6.5.5 build 328052 and 7.x prior to 7.1.2 build 301548; VMware Player 2.5.x prior to 2.5.5 build 328052 and 3.1.x prior to 3.1.2 build 301548; VMware Server 2.0.2; VMware Fusion 2.x prior to 2.0.8 build 32...
Vmware Workstation 6.5.0
Vmware Workstation 7.1.2
Vmware Workstation 6.5.5
Vmware Workstation 7.1
Vmware Workstation 7.0.1
Vmware Workstation 6.5.3
Vmware Workstation 6.5.2
Vmware Workstation 6.5.1
Vmware Workstation 7.0
Vmware Workstation 7.1.1
Vmware Player 3.1
Vmware Player 2.5.5
Vmware Player 2.5.3
Vmware Player 2.5
Vmware Player 2.5.4
Vmware Player 3.1.1
Vmware Player 3.1.2
Vmware Player 2.5.1
Vmware Player 2.5.2
Vmware Fusion 2.0.6
Vmware Fusion 2.0
Vmware Fusion 2.0.1
1 EDB exploit
NA
CVE-2012-3569
Format string vulnerability in VMware OVF Tool 2.1 on Windows, as used in VMware Workstation 8.x prior to 8.0.5, VMware Player 4.x prior to 4.0.5, and other products, allows user-assisted remote malicious users to execute arbitrary code via a crafted OVF file.
Vmware Ovf Tool 2.1
Vmware Workstation 8.0
Vmware Workstation 8.0.0.18997
Vmware Workstation 8.0.2
Vmware Workstation 8.0.3
Vmware Workstation 8.0.4
Vmware Workstation 8.0.1
Vmware Workstation 8.0.1.27038
Vmware Player 4.0
Vmware Player 4.0.0.18997
Vmware Player 4.0.3
Vmware Player 4.0.4
Vmware Player 4.0.1
Vmware Player 4.0.2
2 EDB exploits
NA
CVE-2012-1666
Untrusted search path vulnerability in VMware Tools in VMware Workstation prior to 8.0.4, VMware Player prior to 4.0.4, VMware Fusion prior to 4.1.2, VMware View prior to 5.1, and VMware ESX 4.1 before U3 and 5.0 before P03 allows local users to gain privileges via a Trojan horse...
Vmware Workstation 8.0.1
Vmware Workstation 8.0.0.18997
Vmware Workstation 8.0
Vmware Workstation 8.0.2
Vmware Workstation
Vmware Workstation 8.0.1.27038
Vmware Player 4.0
Vmware Player 4.0.2
Vmware Player 4.0.0.18997
Vmware Player
Vmware Player 4.0.1
Vmware Fusion
Vmware Fusion 4.1
Vmware Fusion 4.0.2
Vmware Fusion 4.0
Vmware Fusion 4.0.1
Vmware View
Vmware View 4.6.0
Vmware Esx 4.1
Vmware Esx 5.0
1 EDB exploit
6.3
CVSSv3
CVE-2015-6933
The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x prior to 11.1.2, VMware Player 7.x prior to 7.1.2, VMware Fusion 7.x prior to 7.1.2, and VMware ESXi 5.0 up to and including 6.0 allows Windows guest OS users to gain guest OS privileges or cause...
Vmware Player 7.1.1
Vmware Player 7.0
Vmware Player 7.1
Vmware Workstation 11.0
Vmware Workstation 11.1
Vmware Workstation 11.1.1
Vmware Esxi 5.0
Vmware Esxi 5.1
Vmware Esxi 6.0
Vmware Esxi 5.5
Vmware Fusion 7.1.1
Vmware Fusion 7.1
Vmware Fusion 7.0
1 Article
7
CVSSv3
CVE-2023-34059
open-vm-tools contains a file descriptor hijack vulnerability in the vmware-user-suid-wrapper. A malicious actor with non-root privileges may be able to hijack the /dev/uinput file descriptor allowing them to simulate user inputs.
Vmware Open Vm Tools
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-7073
CVE-2024-5496
CVE-2024-5495
XPath injection
bypass
CVE-2024-30043
CVE-2024-24919
denial of service
CVE-2024-35468
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
NEXT »