CVE-2020-3960

HIGH Year: 2020
CVSS v3 Score
8.4
High
CVSS v2 Score
3.6
Low
Weakness Type
CWE-125
View all →

Vulnerability Description

VMware ESXi (6.7 before ESXi670-202006401-SG and 6.5 before ESXi650-202005401-SG), Workstation (15.x before 15.5.5), and Fusion (11.x before 11.5.5) contain an out-of-bounds read vulnerability in NVMe functionality. A malicious actor with local non-administrative access to a virtual machine with a virtual NVMe controller present may be able to read privileged information contained in physical memory.

Related Vulnerabilities

CVE-1999-0029

HIGH
CVSS:8.4(High)

root privileges via buffer overflow in ordist command on SGI IRIX systems.

CWE-1251999

CVE-2016-20022

HIGH
CVSS:8.4(High)

In the Linux kernel before 4.8, usb_parse_endpoint in drivers/usb/core/config.c does not validate the wMaxPacketSize field of an endpoint descriptor. NOTE: This vulnerability only affects products tha...

CWE-1252016

CVE-2017-6295

HIGH
CVSS:8.4(High)

NVIDIA TrustZone Software contains a vulnerability in the Keymaster implementation where the software reads data past the end, or before the beginning, of the intended buffer; and may lead to denial o...

CWE-1252017

CVE-2022-0393

HIGH
CVSS:8.4(High)

Out-of-bounds Read in GitHub repository vim/vim prior to 8.2.

CWE-1252022

CVE-2022-1276

HIGH
CVSS:8.4(High)

Out-of-bounds Read in mrb_get_args in GitHub repository mruby/mruby prior to 3.2. Possible arbitrary code execution if being exploited.

CWE-1252022