Vulnerabilities > Vmware > Fusion

DATE CVE VULNERABILITY TITLE RISK
2023-04-25 CVE-2023-20870 Out-of-bounds Read vulnerability in VMWare Fusion and Workstation
VMware Workstation and Fusion contain an out-of-bounds read vulnerability that exists in the functionality for sharing host Bluetooth devices with the virtual machine.
local
low complexity
vmware CWE-125
6.0
6.0
2023-04-25 CVE-2023-20871 Unspecified vulnerability in VMWare Fusion 13.0.0/13.0.1
VMware Fusion contains a local privilege escalation vulnerability.
local
low complexity
vmware
7.8
7.8
2023-04-25 CVE-2023-20872 Out-of-bounds Write vulnerability in VMWare Fusion and Workstation
VMware Workstation and Fusion contain an out-of-bounds read/write vulnerability in SCSI CD/DVD device emulation.
local
low complexity
vmware CWE-787
8.8
8.8
2022-12-14 CVE-2022-31705 Out-of-bounds Write vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi, Workstation, and Fusion contain a heap out-of-bounds write vulnerability in the USB 2.0 controller (EHCI).
local
low complexity
vmware CWE-787
8.2
8.2
2022-02-16 CVE-2021-22040 Use After Free vulnerability in VMWare products
VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller.
local
low complexity
vmware CWE-416
6.7
6.7
2022-02-16 CVE-2021-22041 Unspecified vulnerability in VMWare products
VMware ESXi, Workstation, and Fusion contain a double-fetch vulnerability in the UHCI USB controller.
local
low complexity
vmware
6.7
6.7
2022-02-16 CVE-2021-22043 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare Esxi and Fusion
VMware ESXi contains a TOCTOU (Time-of-check Time-of-use) vulnerability that exists in the way temporary files are handled.
network
high complexity
vmware CWE-367
7.5
7.5
2022-01-04 CVE-2021-22045 Out-of-bounds Write vulnerability in VMWare products
VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion (12.2.0) contains a heap-overflow vulnerability in CD-ROM device emulation.
local
high complexity
vmware CWE-787
7.8
7.8
2021-09-15 CVE-2020-3960 Out-of-bounds Read vulnerability in VMWare Fusion, Vsphere Esxi and Workstation
VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality.
local
low complexity
vmware CWE-125
8.4
8.4
2020-12-21 CVE-2020-3999 Improper Input Validation vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo.
local
low complexity
vmware CWE-20
6.5
6.5