Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
vmware tools vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-20900
A malicious actor that has been granted Guest Operation Privileges https://docs.vmware.com/en/VMware-vSphere/8.0/vsphere-security/GUID-6A952214-0E5E-4CCF-9D2A-90948FF643EC.html in a target virtual machine may be able to elevate their privileges if that target virtual machine has ...
Vmware Tools
Vmware Open Vm Tools
Fedoraproject Fedora 37
Fedoraproject Fedora 38
Fedoraproject Fedora 39
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Debian Debian Linux 12.0
Netapp Ontap Select Deploy Administration Utility -
7.8
CVSSv3
CVE-2022-31676
VMware Tools (12.0.0, 11.x.y and 10.x.y) contains a local privilege escalation vulnerability. A malicious actor with local non-administrative access to the Guest OS can escalate privileges as a root user in the virtual machine.
Vmware Tools
Debian Debian Linux 10.0
Debian Debian Linux 11.0
Fedoraproject Fedora 36
Fedoraproject Fedora 37
Netapp Ontap Select Deploy Administration Utility -
1 Github repository
5.5
CVSSv3
CVE-2017-4945
VMware Workstation (14.x and 12.x) and Fusion (10.x and 8.x) contain a guest access control vulnerability. This issue may allow program execution via Unity on locked Windows VMs. VMware Tools must be updated to 10.2.0 for each VM to resolve CVE-2017-4945. VMware Tools 10.2.0 is c...
Vmware Workstation 12.5.1
Vmware Workstation 12.5.2
Vmware Workstation 12.5.3
Vmware Workstation 12.1.1
Vmware Workstation 12.5.0
Vmware Workstation 12.5.4
Vmware Workstation 12.5.5
Vmware Workstation 12.5.6
Vmware Workstation 12.5.8
Vmware Workstation 12.0.1
Vmware Workstation 12.0.0
Vmware Workstation 12.5.7
Vmware Workstation 14.0
Vmware Workstation 12.5.9
Vmware Workstation 12.5
Vmware Workstation 12.1
Vmware Fusion 10.0.1
Vmware Fusion 10.1.0
Vmware Fusion 10.1.1
Vmware Fusion 8.5.10
Vmware Fusion 8.0.1
Vmware Fusion 8.0
NA
CVE-2007-5671
HGFS.sys in the VMware Tools package in VMware Workstation 5.x prior to 5.5.6 build 80404, VMware Player prior to 1.0.6 build 80404, VMware ACE prior to 1.0.5 build 79846, VMware Server prior to 1.0.5 build 80187, and VMware ESX 2.5.4 up to and including 3.0.2 does not properly v...
Vmware Ace 1.0.0
Vmware Ace 1.0.1
Vmware Esx 3.0.1
Vmware Ace 1.0.4
Vmware Esx 2.5.4
Vmware Vmware Player 1.0.0
Vmware Vmware Player 1.0.1
Vmware Vmware Workstation 5.5.0
Vmware Vmware Workstation 5.5.2
Vmware Esx Server 2.5.5
Vmware Esx 3.0.0
Vmware Vmware Player 1.0.2
Vmware Vmware Player 1.0.3
Vmware Vmware Workstation 5.5.5
Vmware Workstation 5.5.1
Vmware Esx 3.0.2
Vmware Vmware Player 1.0.5
Vmware Vmware Server 1.0.0
Vmware Vmware Server 1.0.1
Vmware Workstation 5.5.3
Vmware Workstation 5.5.4
Vmware Ace 1.0.2
NA
CVE-2012-1518
VMware Workstation 8.x prior to 8.0.2, VMware Player 4.x prior to 4.0.2, VMware Fusion 4.x prior to 4.1.2, VMware ESXi 3.5 up to and including 5.0, and VMware ESX 3.5 up to and including 4.1 use an incorrect ACL for the VMware Tools folder, which allows guest OS users to gain gue...
Vmware Workstation 8.0
Vmware Workstation 8.0.1
Vmware Player 4.0
Vmware Player 4.0.1
Vmware Player 4.0.2
Vmware Fusion 4.1.1
Vmware Fusion 4.0
Vmware Fusion 4.0.1
Vmware Fusion 4.0.2
Vmware Fusion 4.1
Vmware Esxi 4.1
Vmware Esxi 4.0
Vmware Esxi 5.0
Vmware Esxi 3.5
Vmware Esx 3.5
Vmware Esx 4.0
Vmware Esx 4.1
NA
CVE-2010-1142
VMware Tools in VMware Workstation 6.5.x prior to 6.5.4 build 246459; VMware Player 2.5.x prior to 2.5.4 build 246459; VMware ACE 2.5.x prior to 2.5.4 build 246459; VMware Server 2.x prior to 2.0.2 build 203138; VMware Fusion 2.x prior to 2.0.6 build 246742; VMware ESXi 3.5 and 4...
Vmware Workstation 6.5.0
Vmware Workstation 6.5.3
Vmware Workstation 6.5.1
Vmware Workstation 6.5.2
Vmware Player 2.5
Vmware Player 2.5.3
Vmware Player 2.5.1
Vmware Player 2.5.2
Vmware Ace 2.5.3
Vmware Ace 2.5.0
Vmware Ace 2.5.1
Vmware Ace 2.5.2
Vmware Server 2.0.0
Vmware Server 2.0.2
Vmware Server 2.0.1
Vmware Fusion 2.0.5
Vmware Fusion 2.0
Vmware Fusion 3.0
Vmware Fusion 2.0.1
Vmware Fusion 2.0.2
Vmware Fusion 2.0.3
Vmware Fusion 2.0.4
NA
CVE-2010-1141
VMware Tools in VMware Workstation 6.5.x prior to 6.5.4 build 246459; VMware Player 2.5.x prior to 2.5.4 build 246459; VMware ACE 2.5.x prior to 2.5.4 build 246459; VMware Server 2.x prior to 2.0.2 build 203138; VMware Fusion 2.x prior to 2.0.6 build 246742; VMware ESXi 3.5 and 4...
Vmware Workstation 6.5.2
Vmware Workstation 6.5.3
Vmware Workstation 6.5.0
Vmware Workstation 6.5.1
Vmware Player 2.5.3
Vmware Player 2.5.1
Vmware Player 2.5.2
Vmware Player 2.5
Vmware Ace 2.5.2
Vmware Ace 2.5.0
Vmware Ace 2.5.1
Vmware Ace 2.5.3
Vmware Server 2.0.2
Vmware Server 2.0.1
Vmware Server 2.0.0
Vmware Fusion 3.0
Vmware Fusion 2.0.5
Vmware Fusion 2.0
Vmware Fusion 2.0.3
Vmware Fusion 2.0.4
Vmware Fusion 2.0.1
Vmware Fusion 2.0.2
NA
CVE-2014-3793
VMware Tools in VMware Workstation 10.x prior to 10.0.2, VMware Player 6.x prior to 6.0.2, VMware Fusion 6.x prior to 6.0.3, and VMware ESXi 5.0 up to and including 5.5, when a Windows 8.1 guest OS is used, allows guest OS users to gain guest OS privileges or cause a denial of se...
Vmware Esxi 5.0
Vmware Fusion 6.0.1
Vmware Fusion 6.0.2
Vmware Esxi 5.1
Vmware Workstation 10.0.1
Vmware Workstation 10.0
Vmware Esxi 5.5
Vmware Player 6.0
Vmware Player 6.0.1
Vmware Fusion 6.0
4.8
CVSSv3
CVE-2021-32719
RabbitMQ is a multi-protocol messaging broker. In rabbitmq-server prior to version 3.8.18, when a federation link was displayed in the RabbitMQ management UI via the `rabbitmq_federation_management` plugin, its consumer tag was rendered without proper <script> tag sanitizat...
Vmware Rabbitmq
8.8
CVSSv3
CVE-2019-5514
VMware VMware Fusion (11.x prior to 11.0.3) contains a security vulnerability due to certain unauthenticated APIs accessible through a web socket. An attacker may exploit this issue by tricking the host user to execute a JavaScript to perform unauthorized functions on the guest m...
Vmware Fusion
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-3400
deserialization
CVE-2024-21788
CVE-2023-42433
CVE-2024-21841
CVE-2024-22095
local file inclusion
memory leak
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
NEXT »