Vulnerabilities > Vmware > Workstation > 15.5.1

DATE CVE VULNERABILITY TITLE RISK
2021-09-15 CVE-2020-3960 Out-of-bounds Read vulnerability in VMWare Fusion, Vsphere Esxi and Workstation
VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality.
local
low complexity
vmware CWE-125
3.6
2020-12-21 CVE-2020-3999 NULL Pointer Dereference vulnerability in VMWare Esxi, Fusion and Workstation
VMware ESXi (7.0 prior to ESXi70U1c-17325551), VMware Workstation (16.x prior to 16.0 and 15.x prior to 15.5.7), VMware Fusion (12.x prior to 12.0 and 11.x prior to 11.5.7) and VMware Cloud Foundation contain a denial of service vulnerability due to improper input validation in GuestInfo.
local
low complexity
vmware CWE-476
2.1
2020-11-20 CVE-2020-4004 Use After Free vulnerability in VMWare products
VMware ESXi (7.0 before ESXi70U1b-17168206, 6.7 before ESXi670-202011101-SG, 6.5 before ESXi650-202011301-SG), Workstation (15.x before 15.5.7), Fusion (11.x before 11.5.7) contain a use-after-free vulnerability in the XHCI USB controller.
local
low complexity
vmware CWE-416
4.6
2020-10-20 CVE-2020-3981 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds read vulnerability due to a time-of-check time-of-use issue in ACPI device.
network
vmware CWE-367
3.5
2020-06-25 CVE-2020-3970 Out-of-bounds Read vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in the Shader functionality.
local
vmware CWE-125
1.9
2020-06-25 CVE-2020-3968 Out-of-bounds Write vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI).
local
low complexity
vmware CWE-787
4.6
2020-06-25 CVE-2020-3967 Out-of-bounds Write vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI).
local
vmware CWE-787
4.4
2020-06-25 CVE-2020-3966 Race Condition vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI).
local
high complexity
vmware CWE-362
3.7
2020-06-25 CVE-2020-3965 Out-of-bounds Read vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller.
local
low complexity
vmware CWE-125
2.1
2020-06-25 CVE-2020-3964 Use of Uninitialized Resource vulnerability in VMWare products
VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller.
local
vmware CWE-908
1.9