VMware

Fusion

137 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7

CVE-2023-34046

  • EPSS 0.14%
  • Veröffentlicht 20.10.2023 09:15:12
  • Zuletzt bearbeitet 07.03.2025 19:15:35

VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during installation for the first time (the user needs to drag or copy the application to a folder from the '.dmg' volume) or when installing...

8.2

CVE-2023-20869

  • EPSS 2.26%
  • Veröffentlicht 25.04.2023 22:15:09
  • Zuletzt bearbeitet 04.02.2025 18:15:32

VMware Workstation (17.x) and VMware Fusion (13.x) contain a stack-based buffer-overflow vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.

6

CVE-2023-20870

  • EPSS 0.05%
  • Veröffentlicht 25.04.2023 22:15:09
  • Zuletzt bearbeitet 04.02.2025 18:15:33

VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.

7.8

CVE-2023-20871

  • EPSS 0.09%
  • Veröffentlicht 25.04.2023 21:15:10
  • Zuletzt bearbeitet 04.02.2025 17:15:10

VMware Fusion contains a local privilege escalation vulnerability. A malicious actor with read/write access to the host operating system can elevate privileges to gain root access to the host operating system.

8.8

CVE-2023-20872

  • EPSS 0.77%
  • Veröffentlicht 25.04.2023 21:15:10
  • Zuletzt bearbeitet 04.02.2025 17:15:10

VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.

8.2

CVE-2022-31705

  • EPSS 1.39%
  • Veröffentlicht 14.12.2022 19:15:13
  • Zuletzt bearbeitet 21.11.2024 07:05:10

VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual ...

6.7

CVE-2021-22040

  • EPSS 0.66%
  • Veröffentlicht 16.02.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:29

VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX pr...

6.7

CVE-2021-22041

  • EPSS 0.52%
  • Veröffentlicht 16.02.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:29

VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller. A malicious actor with local administrative privileges on a virtual machine may exploit this issue to execute code as the virtual machine's VMX proc...

7.5

CVE-2021-22043

  • EPSS 0.31%
  • Veröffentlicht 16.02.2022 17:15:10
  • Zuletzt bearbeitet 21.11.2024 05:49:29

VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way temporary files are handled. A malicious actor with access to settingsd, may exploit this issue to escalate their privileges by writing arbitrary files.

7.8

CVE-2021-22045

  • EPSS 2.14%
  • Veröffentlicht 04.01.2022 22:15:07
  • Zuletzt bearbeitet 21.11.2024 05:49:29

VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation. A malicious actor with access to a virtu...