Vulnerabilities > Vmware > Workstation > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2020-10-20 | CVE-2020-3982 | Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare products VMware ESXi (7.0 before ESXi_7.0.1-0.0.16850804, 6.7 before ESXi670-202008101-SG, 6.5 before ESXi650-202007101-SG), Workstation (15.x), Fusion (11.x before 11.5.6) contain an out-of-bounds write vulnerability due to a time-of-check time-of-use issue in ACPI device. | 7.7 |
| 2020-06-25 | CVE-2020-3968 | Out-of-bounds Write vulnerability in VMWare products VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). | 8.2 |
| 2020-06-25 | CVE-2020-3967 | Out-of-bounds Write vulnerability in VMWare products VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI). | 7.5 |
| 2020-06-25 | CVE-2020-3966 | Race Condition vulnerability in VMWare products VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). | 7.5 |
| 2020-06-24 | CVE-2020-3962 | Use After Free vulnerability in VMWare products VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. | 8.2 |
| 2020-06-24 | CVE-2020-3969 | Off-by-one Error vulnerability in VMWare products VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. | 7.8 |
| 2020-03-16 | CVE-2020-3948 | Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Fusion and Workstation Linux Guest VMs running on VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 11.5.2) contain a local privilege escalation vulnerability due to improper file permissions in Cortado Thinprint. | 7.8 |
| 2020-03-16 | CVE-2020-3947 | Use After Free vulnerability in VMWare Fusion and Workstation VMware Workstation (15.x before 15.5.2) and Fusion (11.x before 11.5.2) contain a use-after vulnerability in vmnetdhcp. | 8.8 |
| 2020-03-16 | CVE-2019-5543 | Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Horizon Client, Remote Console and Workstation For VMware Horizon Client for Windows (5.x and prior before 5.3.0), VMware Remote Console for Windows (10.x before 11.0.0), VMware Workstation for Windows (15.x before 15.5.2) the folder containing configuration files for the VMware USB arbitration service was found to be writable by all users. | 7.8 |
| 2019-12-23 | CVE-2019-5539 | Uncontrolled Search Path Element vulnerability in VMWare Horizon View Agent and Workstation VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. | 7.8 |