Total vulnerabilities in the database
VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a virtual machine with a virtual NVMe controller present may be able to read privileged information contained in physical memory.
| Software | From | Fixed in |
|---|---|---|
| vmware / vsphere_esxi | 6.5-650-201810002 | 6.5-650-201810002.x |
| vmware / vsphere_esxi | 6.5-650-201811001 | 6.5-650-201811001.x |
| vmware / vsphere_esxi | 6.5-650-201901001 | 6.5-650-201901001.x |
| vmware / vsphere_esxi | 6.5-650-201903001 | 6.5-650-201903001.x |
| vmware / vsphere_esxi | 6.5-650-201905001 | 6.5-650-201905001.x |
| vmware / fusion | 11.0.0 | 11.5.5 |
| vmware / workstation | 15.0.0 | 15.5.5 |
| vmware / vsphere_esxi | 6.5-650-201806001 | 6.5-650-201806001.x |
| vmware / vsphere_esxi | 6.5-650-201803001 | 6.5-650-201803001.x |
| vmware / vsphere_esxi | 6.5-650-201712001 | 6.5-650-201712001.x |
| vmware / vsphere_esxi | 6.5-650-201710001 | 6.5-650-201710001.x |
| vmware / vsphere_esxi | 6.5-650-201704001 | 6.5-650-201704001.x |
| vmware / vsphere_esxi | 6.5-650-201703002 | 6.5-650-201703002.x |
| vmware / vsphere_esxi | 6.5-650-201703001 | 6.5-650-201703001.x |
| vmware / vsphere_esxi | 6.5-650-201701001 | 6.5-650-201701001.x |
| vmware / vsphere_esxi | 6.5-650-201808001 | 6.5-650-201808001.x |
| vmware / vsphere_esxi | 6.5-650-201810001 | 6.5-650-201810001.x |
| vmware / vsphere_esxi | 6.5-650-201908001 | 6.5-650-201908001.x |
| vmware / vsphere_esxi | 6.5-650-201910001 | 6.5-650-201910001.x |
| vmware / vsphere_esxi | 6.7 | 6.7.x |
| vmware / vsphere_esxi | 6.7-670-201911001 | 6.7-670-201911001.x |
| vmware / vsphere_esxi | 6.7-670-202004001 | 6.7-670-202004001.x |
| vmware / vsphere_esxi | 6.5 | 6.5.x |