Cloud Foundation@4.0.0 Security Vulnerabilities and Issues — Cloud Foundation@4.0.0 CVE List

Lucene search

VmwareCloud Foundation4.0.0

10 matches found

CVE•added 2020/06/25 3:15 p.m.•104 views

CVE-2020-3963

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a use-after-free vulnerability in PVNVRAM. A malicious actor with local access to a virtual machine may b...

5.5CVSS5.9AI score0.00119EPSS

CVE•added 2020/06/25 3:15 p.m.•104 views

CVE-2020-3964

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the EHCI USB controller. A malicious actor with local access to a virtual machine ...

4.7CVSS5.5AI score0.00123EPSS

CVE•added 2020/06/25 3:15 p.m.•99 views

CVE-2020-3965

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain an information leak in the XHCI USB controller. A malicious actor with local access to a virtual machine ...

5.5CVSS6AI score0.00065EPSS

CVE•added 2020/06/24 4:15 p.m.•81 views

CVE-2020-3969

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an off-by-one heap-overflow vulnerability in the SVGA device. A malicious actor with local access to a vi...

7.8CVSS7.8AI score0.00115EPSS

CVE•added 2020/06/24 5:15 p.m.•79 views

CVE-2020-3962

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a use-after-free vulnerability in the SVGA device. A malicious actor with local access to a virtual machi...

8.2CVSS8.1AI score0.00129EPSS

CVE•added 2020/06/25 3:15 p.m.•74 views

CVE-2020-3966

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.2), and Fusion (11.x before 11.5.2) contain a heap-overflow due to a race condition issue in the USB 2.0 controller (EHCI). A malicious actor with lo...

7.5CVSS7.6AI score0.0011EPSS

CVE•added 2020/06/25 3:15 p.m.•70 views

CVE-2020-3967

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain a heap-overflow vulnerability in the USB 2.0 controller (EHCI). A malicious actor with local access to a ...

7.5CVSS7.6AI score0.00142EPSS

CVE•added 2020/06/25 3:15 p.m.•66 views

CVE-2020-3970

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in the Shader functionality. A malicious actor with non-administrativ...

3.8CVSS4.8AI score0.00084EPSS

CVE•added 2020/06/25 3:15 p.m.•62 views

CVE-2020-3968

VMware ESXi (7.0 before ESXi_7.0.0-1.20.16321839, 6.7 before ESXi670-202004101-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds write vulnerability in the USB 3.0 controller (xHCI). A malicious actor with local admin...

8.2CVSS8.1AI score0.00096EPSS

CVE•added 2021/10/13 4:15 p.m.•46 views

CVE-2021-22035

VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log I...

4.3CVSS4.5AI score0.00444EPSS