📦 Workstation

This CVE describes a TOCTOU vulnerability in VMware ESXi and Workstation that allows local administrative users within a virtual machine to execute arbitrary code on the host system via the VMX proces...

CVE-2024-22267 is a use-after-free vulnerability in VMware Workstation and Fusion's vbluetooth device that allows a malicious actor with local administrative privileges on a virtual machine to execute...

This CVE describes a use-after-free vulnerability in VMware's XHCI USB controller that allows a malicious actor with local administrative privileges on a virtual machine to execute code on the host sy...

This vulnerability allows attackers with administrative privileges on a virtual machine to read memory from the host's vmx process, potentially exposing sensitive information. It affects VMware ESXi, ...

This vulnerability allows a malicious actor with local administrative privileges on a VMware virtual machine to read privileged information from hypervisor memory via the vbluetooth device. It affects...

This vulnerability allows an attacker with local administrative privileges on a VMware virtual machine to read privileged information from hypervisor memory via an out-of-bounds read in Bluetooth devi...

This vulnerability allows attackers to execute arbitrary code on the host system by exploiting a stack-based buffer overflow in VMware's Bluetooth sharing functionality. It affects users running VMwar...

CVE-2023-20854 is an arbitrary file deletion vulnerability in VMware Workstation that allows local authenticated users to delete any files on the system where Workstation is installed. This affects us...

This CVE describes a heap-overflow vulnerability in VMware's CD-ROM device emulation that could allow a malicious actor with access to a virtual machine to potentially execute code on the hypervisor. ...