Vmware Fusion
79 CVEs affecting Vmware Fusion. Latest disclosed: 2026-05-15. Critical: 4, High: 12.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2017-4901 | Critical | 9.9 | 2017-06-08 | The drag-and-drop (DnD) function in VMware Workstation 12.x before version 12.5.4 and Fusion 8.x before version 8.5.5 has an out-of-bounds memory access vulner… |
CVE-2025-41238 | Critical | 9.3 | 2025-07-15 | VMware ESXi, Workstation, and Fusion contain a heap-overflow vulnerability in the PVSCSI (Paravirtualized SCSI) controller that leads to an out of-bounds write… |
CVE-2025-41237 | Critical | 9.3 | 2025-07-15 | VMware ESXi, Workstation, and Fusion contain an integer-underflow in VMCI (Virtual Machine Communication Interface) that leads to an out-of-bounds write. A mal… |
CVE-2025-41236 | Critical | 9.3 | 2025-07-15 | VMware ESXi, Workstation, and Fusion contain an integer-overflow vulnerability in the VMXNET3 virtual network adapter. A malicious actor with local administrat… |
CVE-2017-4941 | High | 8.8 | 2017-12-20 | VMware ESXi (6.0 before ESXi600-201711101-SG, 5.5 ESXi550-201709101-SG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerabilit… |
CVE-2017-4933 | High | 8.8 | 2017-12-20 | VMware ESXi (6.5 before ESXi650-201710401-BG), Workstation (12.x before 12.5.8), and Fusion (8.x before 8.5.9) contain a vulnerability that could allow an auth… |
CVE-2017-4934 | High | 8.8 | 2017-11-17 | VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a heap buffer-overflow vulnerability in VMNAT device. This issue may allow a gues… |
CVE-2017-4924 | High | 8.8 | 2017-09-15 | VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulner… |
CVE-2017-4904 | High | 8.8 | 2017-06-07 | The XHCI controller in VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG… |
CVE-2017-4903 | High | 8.8 | 2017-06-07 | VMware ESXi 6.5 without patch ESXi650-201703410-SG, 6.0 U3 without patch ESXi600-201703401-SG, 6.0 U2 without patch ESXi600-201703403-SG, 6.0 U1 without patch… |
CVE-2017-4902 | High | 8.8 | 2017-06-07 | VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro /… |
CVE-2016-7461 | High | 8.8 | 2016-12-29 | The drag-and-drop (aka DnD) function in VMware Workstation Pro 12.x before 12.5.2 and VMware Workstation Player 12.x before 12.5.2 and VMware Fusion and Fusion… |
CVE-2026-41702 | High | 7.8 | 2026-05-15 | VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with… |
CVE-2016-5330 | High | 7.8 | 2016-08-08 | Untrusted search path vulnerability in the HGFS (aka Shared Folders) feature in VMware Tools 10.0.5 in VMware ESXi 5.0 through 6.0, VMware Workstation Pro 12.1… |
CVE-2025-41239 | High | 7.1 | 2025-07-15 | VMware ESXi, Workstation, Fusion, and VMware Tools contains an information disclosure vulnerability due to the usage of an uninitialised memory in vSockets. A… |
CVE-2023-34044 | High | 7.1 | 2023-10-20 | VMware Workstation( 17.x prior to 17.5) and Fusion(13.x prior to 13.5) contain an out-of-bounds read vulnerability that exists in the functionality for sharin… |
CVE-2023-34046 | Medium | 6.7 | 2023-10-20 | VMware Fusion(13.x prior to 13.5) contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during installation for the first time (the user ne… |
CVE-2023-34045 | Medium | 6.6 | 2023-10-20 | VMware Fusion(13.x prior to 13.5) contains a local privilege escalation vulnerability that occurs during installation for the first time (the user needs to dr… |
CVE-2017-4938 | Medium | 6.5 | 2017-11-17 | VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a guest RPC NULL pointer dereference vulnerability. Successful exploitation of th… |
CVE-2015-6933 | Medium | 6.3 | 2016-01-09 | The VMware Tools HGFS (aka Shared Folders) implementation in VMware Workstation 11.x before 11.1.2, VMware Player 7.x before 7.1.2, VMware Fusion 7.x before 7… |