CVSS: 8.2EPSS: 0%CPEs: 180EXPL: 0CVE-2020-3968 – VMware Workstation xHCI Isoch TD Out-Of-Bounds Write Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-3968
25 Jun 2020 — VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). A malicious actor with local administrative privileges on a virtual machine may be able to exploit this issue to crash the virtual machine's vmx process leading to a denial of service condition or execute code on the hypervisor from a virtual mach... • https://www.vmware.com/security/advisories/VMSA-2020-0015.html • CWE-787: Out-of-bounds Write •
CVSS: 7.5EPSS: 0%CPEs: 180EXPL: 0CVE-2020-3967 – VMware Workstation EHCI Heap-based Buffer Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-3967
25 Jun 2020 — VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local access to a virtual machine may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for exploitation to be possib... • https://www.vmware.com/security/advisories/VMSA-2020-0015.html • CWE-787: Out-of-bounds Write •
CVSS: 3.8EPSS: 0%CPEs: 180EXPL: 0CVE-2020-3970 – VMware Workstation Shader Bytecode Parsing Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2020-3970
25 Jun 2020 — VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in the Shader functionality. A malicious actor with non-administrative local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to crash the virtual machine's vmx process leading to a partial denial of service condition. VMware ESXi (vers... • https://www.vmware.com/security/advisories/VMSA-2020-0015.html • CWE-125: Out-of-bounds Read •
CVSS: 8.2EPSS: 0%CPEs: 180EXPL: 0CVE-2020-3962 – VMware Workstation SVGA DXInvalidateContext Use-After-Free Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-3962
24 Jun 2020 — VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. VMware ESXi (versiones 7.0 anteriores a ESXi_7.0.0-1.20.16321839, versiones 6.7 anter... • https://www.vmware.com/security/advisories/VMSA-2020-0015.html • CWE-416: Use After Free •
CVSS: 8.8EPSS: 0%CPEs: 180EXPL: 0CVE-2020-3969 – VMware Workstation SVGA3D Command Heap Overflow Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-3969
24 Jun 2020 — VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. A malicious actor with local access to a virtual machine with 3D graphics enabled may be able to exploit this vulnerability to execute code on the hypervisor from a virtual machine. Additional conditions beyond the attacker's control must be present for ex... • https://www.vmware.com/security/advisories/VMSA-2020-0015.html • CWE-193: Off-by-one Error •