IDCVSSSummaryLast (major) updatePublished
CVE-2017-16001 7.2
In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.1, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges.
03-10-2019 - 00:03 06-11-2017 - 17:29
CVE-2017-16777 7.2
If HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.3 is installed but VMware Fusion is not, a local attacker can create a fake application directory and exploit the suid sudo helper in order to escalate to root.
03-10-2019 - 00:03 16-11-2017 - 15:29
CVE-2017-11741 7.2
HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.24 uses weak permissions for the sudo helper scripts, allows local users to execute arbitrary code with root privileges by overwriting one of the scripts.
03-10-2019 - 00:03 08-08-2017 - 19:29
CVE-2017-12579 7.2
An insecure suid wrapper binary in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 4.0.24 and earlier allows a non-root user to obtain a root shell.
03-10-2019 - 00:03 19-10-2017 - 13:29
CVE-2017-7642 7.2
The sudo helper in the HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) before 4.0.21 allows local users to gain root privileges by leveraging failure to verify the path to the encoded ruby script or scrub the PATH variable.
03-10-2019 - 00:03 02-08-2017 - 19:29
CVE-2017-16873 7.2
It is possible to exploit an unsanitized PATH in the suid binary that ships with vagrant-vmware-fusion 4.0.25 through 5.0.4 in order to escalate to root privileges.
03-10-2019 - 00:03 29-03-2018 - 22:29
CVE-2017-15884 6.9
In HashiCorp Vagrant VMware Fusion plugin (aka vagrant-vmware-fusion) 5.0.0, a local attacker or malware can silently subvert the plugin update process in order to escalate to root privileges.
03-10-2019 - 00:03 31-10-2017 - 18:29
CVE-2017-16512 7.2
The vagrant update process in Hashicorp vagrant-vmware-fusion 5.0.2 through 5.0.4 allows local users to steal root privileges via a crafted update request when no updates are available.
03-10-2019 - 00:03 29-03-2018 - 22:29
CVE-2017-16839 6.9
Hashicorp vagrant-vmware-fusion 5.0.4 allows local users to steal root privileges if VMware Fusion is not installed.
03-10-2019 - 00:03 29-03-2018 - 22:29
Back to Top Mark selected
Back to Top