VMware, provider of virtualization solutions, has released updates for 16 vulnerabilities across its product line.
The flaws affect VMware Workstation, Player, ACE, Server and ESX.
According to a US-CERT advisory on Tuesday, the vulnerabilities could be exploited to execute arbitrary code, cause a denial-of-service condition, assume elevated privileges or disclose information.
Three of the bugs are related to errors in ActiveX controls, Internet Server Application Programming Interface (ISAPI) and OpenProcess.
The French Security Incident Response Team rated the vulnerabilities "moderate risk." US-CERT encourages users to update to the latest versions.