threat
engine
.sh
Back
·
··:··
Home
/
Product
/
vmware workstation pro
Product
vmware workstation pro
27 known vulnerabilities across versions
Vulnerabilities are listed by affected version. Select any CVE for the full briefing and its intelligence graph.
Sort
Newest first
Oldest first
Highest CVSS
Lowest CVSS
Min CVSS
Any
4.0+
7.0+ (High)
9.0+ (Critical)
Published since
Reset
CVE-2021-22040
>= 16.0.0 and < 16.2.1
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. A malicious actor with loc
6.7
MEDIUM
CVE-2020-3990
>= 15.0.0 and < 16.0.0
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to
6.5
MEDIUM
CVE-2020-3989
>= 15.0.0 and < 16.0.0
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an ou
3.3
LOW
CVE-2020-3988
>= 15.0.0 and < 16.0.0
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado
6.1
MEDIUM
CVE-2020-3987
>= 15.0.0 and < 16.0.0
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado
6.1
MEDIUM
CVE-2020-3986
>= 15.0.0 and < 16.0.0
VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado
6.1
MEDIUM
CVE-2018-6957
>= 14.0 and < 14.1.1
VMware Workstation (14.x before 14.1.1, 12.x) and Fusion (10.x before 10.1.1 and 8.x) contain a denial-of-service vulnerability wh
5.3
MEDIUM
CVE-2017-4933
>= 12.0.0 and < 12.5.8
VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerabi
8.8
HIGH
CVE-2017-4925
>= 12.0.0 and < 12.5.3
VMware ESXi 6.5 without patch ESXi650-201707101-SG, ESXi 6.0 without patch ESXi600-201706101-SG, ESXi 5.5 without patch ESXi550-20
5.5
MEDIUM
CVE-2017-4924
>= 12.0.0 and < 12.5.7
VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain
8.8
HIGH
CVE-2017-4905
>= 12.0.0 and < 12.5.5
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703
5.5
MEDIUM
CVE-2017-4904
>= 12.0.0 and < 12.5.5
The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 witho
8.8
HIGH
CVE-2017-4903
>= 12.0.0 and < 12.5.5
VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703
8.8
HIGH
CVE-2017-4902
>= 12.0.0 and < 12.5.5
VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior
8.8
HIGH
CVE-2017-4900
all versions
VMware Workstation Pro/Player 12.x before 12.5.3 contains a NULL pointer dereference vulnerability that exists in the SVGA driver.
5.5
MEDIUM
CVE-2017-4899
all versions
VMware Workstation Pro/Player 12.x before 12.5.3 contains a security vulnerability that exists in the SVGA driver. An attacker may
4.7
MEDIUM
CVE-2017-4898
all versions
VMware Workstation Pro/Player 12.x before 12.5.3 contains a DLL loading vulnerability that occurs due to the "vmware-vmx" process
8.8
HIGH
CVE-2017-4916
all versions
VMware Workstation Pro/Player contains a NULL pointer dereference vulnerability that exists in the vstor2 driver. Successful explo
6.5
MEDIUM
CVE-2017-4915
all versions
VMware Workstation Pro/Player contains an insecure library loading vulnerability via ALSA sound driver configuration files. Succes
7.8
HIGH
CVE-2016-7461
all versions
The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2
8.8
HIGH
CVE-2016-7086
all versions
The installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows allows loca
7.8
HIGH
CVE-2016-7085
all versions
Untrusted search path vulnerability in the installer in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12
7.8
HIGH
CVE-2016-7084
all versions
tpview.dll in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado
7.8
HIGH
CVE-2016-7083
all versions
VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virt
7.8
HIGH
CVE-2016-7082
all versions
VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0 on Windows, when Cortado ThinPrint virt
7.8
HIGH
CVE-2016-7081
all versions
Multiple heap-based buffer overflows in VMware Workstation Pro 12.x before 12.5.0 and VMware Workstation Player 12.x before 12.5.0
7.8
HIGH
CVE-2016-5330
>= 12.1.0 and < 12.1.1
Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0
7.8
HIGH
Vulnerabilities
CISA KEV catalog
CWE weaknesses
CAPEC attack patterns
Package vulnerabilities
Threat intelligence
Threat actors
Tools & malware
ATT&CK techniques
IOCs
Detection & defense
Sigma rules
YARA rules
Atomic Red Team tests
D3FEND countermeasures
Compliance
NIST 800-53
ISO 27001:2022
SOC 2 TSC
PCI-DSS v4.0
CIS Controls v8.1
About
All capabilities
Live statistics
Data sources
Privacy policy
Terms of service
threatengine.sh · Open-source threat intelligence platform · 100+ authoritative sources · Every fact traces to its origin