Vulnerabilities > Vmware > Esxi

DATE CVE VULNERABILITY TITLE RISK
2020-06-25 CVE-2020-3968 Out-of-bounds Write vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI).
local
low complexity
vmware CWE-787
8.2
2020-06-25 CVE-2020-3967 Out-of-bounds Write vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI).
local
high complexity
vmware CWE-787
7.5
2020-06-25 CVE-2020-3966 Race Condition vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI).
local
high complexity
vmware CWE-362
7.5
2020-06-25 CVE-2020-3965 Out-of-bounds Read vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller.
local
low complexity
vmware CWE-125
5.5
2020-06-25 CVE-2020-3964 Use of Uninitialized Resource vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller.
local
high complexity
vmware CWE-908
4.7
2020-06-25 CVE-2020-3963 Use After Free vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM.
local
low complexity
vmware CWE-416
5.5
2020-06-24 CVE-2020-3962 Use After Free vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device.
local
low complexity
vmware CWE-416
8.2
2020-06-24 CVE-2020-3969 Off-by-one Error vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device.
local
high complexity
vmware CWE-193
7.8
2020-05-29 CVE-2020-3959 Memory Leak vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.1.0) and VMware Fusion (11.x before 11.1.0) contain a memory leak vulnerability in the VMCI module.
local
low complexity
vmware CWE-401
3.3
2020-05-29 CVE-2020-3958 Reachable Assertion vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi (6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), VMware Workstation (15.x before 15.5.2) and VMware Fusion (11.x before 11.5.2) contain a denial-of-service vulnerability in the shader functionality.
local
low complexity
vmware CWE-617
5.5