CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vmware: >> Fusion >> 5.0.2 Security Vulnerabilities

CVE-2026-41702

VMware Fusion contains a TOCTOU (Time-of-check Time-of-use) vulnerability that occurs during an operation performed by a SETUID binary. A malicious actor with local non-administrative user privileges may exploit this vulnerability to escalate privileges to root on the system where Fusion is installed.

CVSS Score

7.8

EPSS Score

0.001

Published

2026-05-15

CVE-2013-3519

lgtosync.sys in VMware Workstation 9.x before 9.0.3, VMware Player 5.x before 5.0.3, VMware Fusion 5.x before 5.0.4, VMware ESXi 4.0 through 5.1, and VMware ESX 4.0 and 4.1, when a 32-bit Windows guest OS is used, allows guest OS users to gain guest OS privileges via an application that performs a crafted memory allocation.

CVSS Score

7.9

EPSS Score

0.005

Published

2013-12-04

Page 1

Vulnerabilities

Vulnerable Software

Vmware: >> Fusion >> 5.0.2 Security Vulnerabilities

Products

Pricing

Contact Us