The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a database and tools to fix them.

Computer vulnerabilities of VMware Workstation

cybersecurity vulnerability CVE-2019-5521 CVE-2019-5684

VMware ESXi, Workstation: two vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of VMware ESXi and Workstation.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 05/08/2019.
Identifiers: CERTFR-2019-AVI-370, CVE-2019-5521, CVE-2019-5684, TALOS-2019-0757, TALOS-2019-0779, VIGILANCE-VUL-29943, VMSA-2019-0012.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of VMware ESXi and Workstation.
Full Vigil@nce bulletin... (Free trial)

computer weakness note CVE-2019-5525

VMware Workstation Linux: use after free via ALSA Backend

Synthesis of the vulnerability

An attacker can force the usage of a freed memory area via ALSA Backend of VMware Workstation Linux, in order to trigger a denial of service, and possibly to run code.
Severity: 2/4.
Creation date: 06/06/2019.
Identifiers: CERTFR-2019-AVI-253, CVE-2019-5525, VIGILANCE-VUL-29472, VMSA-2019-0009.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can force the usage of a freed memory area via ALSA Backend of VMware Workstation Linux, in order to trigger a denial of service, and possibly to run code.
Full Vigil@nce bulletin... (Free trial)

vulnerability alert CVE-2019-5526

VMware Workstation: executing DLL code

Synthesis of the vulnerability

An attacker can create a malicious DLL, and then put it in the current directory of VMware Workstation, in order to execute code.
Severity: 2/4.
Creation date: 15/05/2019.
Identifiers: CERTFR-2019-AVI-217, CVE-2019-5526, VIGILANCE-VUL-29307, VMSA-2019-0007.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can create a malicious DLL, and then put it in the current directory of VMware Workstation, in order to execute code.
Full Vigil@nce bulletin... (Free trial)

threat CVE-2019-5514 CVE-2019-5515 CVE-2019-5518

VMware ESXi/Workstation: multiple vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of VMware ESXi/Workstation.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 5.
Creation date: 29/03/2019.
Revision date: 18/04/2019.
Identifiers: CERTFR-2019-AVI-136, CVE-2019-5514, CVE-2019-5515, CVE-2019-5518, CVE-2019-5519, CVE-2019-5524, VIGILANCE-VUL-28896, VMSA-2019-0005, ZDI-19-420, ZDI-19-421, ZDI-19-516.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of VMware ESXi/Workstation.
Full Vigil@nce bulletin... (Free trial)

computer weakness note CVE-2019-5516 CVE-2019-5517 CVE-2019-5520

VMware ESXi/Workstation: three vulnerabilities

Synthesis of the vulnerability

An attacker can use several vulnerabilities of VMware ESXi/Workstation.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 3.
Creation date: 12/04/2019.
Revision date: 18/04/2019.
Identifiers: CERTFR-2019-AVI-167, CVE-2019-5516, CVE-2019-5517, CVE-2019-5520, VIGILANCE-VUL-29032, VMSA-2019-0006, ZDI-19-369.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities of VMware ESXi/Workstation.
Full Vigil@nce bulletin... (Free trial)

cybersecurity vulnerability CVE-2019-5511 CVE-2019-5512

VMware Workstation: two vulnerabilities via VMX Process

Synthesis of the vulnerability

An attacker can use several vulnerabilities via VMX Process of VMware Workstation.
Severity: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 15/03/2019.
Identifiers: CVE-2019-5511, CVE-2019-5512, VIGILANCE-VUL-28755, VMSA-2019-0002.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker can use several vulnerabilities via VMX Process of VMware Workstation.
Full Vigil@nce bulletin... (Free trial)

cybersecurity alert CVE-2018-6983

VMware Workstation: integer overflow via Virtual Network Device

Synthesis of the vulnerability

An attacker, inside a guest system, can generate an integer overflow via Virtual Network Device of VMware Workstation, in order to trigger a denial of service, and possibly to run code on the host system.
Severity: 2/4.
Creation date: 23/11/2018.
Identifiers: CERTFR-2018-AVI-569, CVE-2018-6983, VIGILANCE-VUL-27868, VMSA-2018-0030.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can generate an integer overflow via Virtual Network Device of VMware Workstation, in order to trigger a denial of service, and possibly to run code on the host system.
Full Vigil@nce bulletin... (Free trial)

computer threat bulletin CVE-2018-6981 CVE-2018-6982

VMware ESXi/Workstation: information disclosure via vmxnet3

Synthesis of the vulnerability

A local attacker, inside a guest system, can read a memory fragment via vmxnet3 of VMware ESXi/Workstation, in order to obtain sensitive information on the host system.
Severity: 1/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 09/11/2018.
Identifiers: CERTFR-2018-AVI-542, CVE-2018-6981, CVE-2018-6982, VIGILANCE-VUL-27750, VMSA-2018-0027.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

A local attacker, inside a guest system, can read a memory fragment via vmxnet3 of VMware ESXi/Workstation, in order to obtain sensitive information on the host system.
Full Vigil@nce bulletin... (Free trial)

threat alert CVE-2018-6974

VMware ESXi, Workstation: privilege escalation via SVGA Device

Synthesis of the vulnerability

An attacker, inside a guest system, can bypass restrictions via SVGA Device of VMware ESXi, Workstation, in order to escalate his privileges on the host system.
Severity: 2/4.
Creation date: 17/10/2018.
Identifiers: CERTFR-2018-AVI-493, CVE-2018-6974, VIGILANCE-VUL-27545, VMSA-2018-0026.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can bypass restrictions via SVGA Device of VMware ESXi, Workstation, in order to escalate his privileges on the host system.
Full Vigil@nce bulletin... (Free trial)

computer threat alert CVE-2018-6977

VMware ESXi/Workstation: infinite loop via 3D-rendering Shader

Synthesis of the vulnerability

An attacker, inside a guest system, can generate an infinite loop via 3D-rendering Shader of VMware ESXi/Workstation, in order to trigger a denial of service on the host system.
Severity: 2/4.
Creation date: 10/10/2018.
Identifiers: CVE-2018-6977, TALOS-2018-0589, VIGILANCE-VUL-27453.
Full Vigil@nce bulletin... (Free trial)

Description of the vulnerability

An attacker, inside a guest system, can generate an infinite loop via 3D-rendering Shader of VMware ESXi/Workstation, in order to trigger a denial of service on the host system.
Full Vigil@nce bulletin... (Free trial)
Our database contains other pages. You can request a free trial to read them.

Display information about VMware Workstation: