Vulnerabilities > Vmware > Cloud Foundation > Medium

DATE CVE VULNERABILITY TITLE RISK
2020-06-25 CVE-2020-3971 Out-of-bounds Write vulnerability in VMWare products
VMware ESXi (6.7 before ESXi670-201904101-SG and 6.5 before ESXi650-201907101-SG), Workstation (15.x before 15.0.2), and Fusion (11.x before 11.0.2) contain a heap overflow vulnerability in the vmxnet3 virtual network adapter.
local
low complexity
vmware CWE-787
5.5
5.5
2020-06-25 CVE-2020-3965 Out-of-bounds Read vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller.
local
low complexity
vmware CWE-125
5.5
5.5
2020-06-25 CVE-2020-3964 Use of Uninitialized Resource vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller.
local
high complexity
vmware CWE-908
4.7
4.7
2020-06-25 CVE-2020-3963 Use After Free vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM.
local
low complexity
vmware CWE-416
5.5
5.5