The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
VMware ESXi 6.5 without patch ESXi650-201703410-SG and 5.5 without patch ESXi550-201703401-SG; Workstation Pro / Player 12.x prior to 12.5.5; and Fusion Pro / Fusion 8.x prior to 8.5.6 have a Heap Buffer Overflow in SVGA. This issue may allow a guest to execute code on the host.
Base Score: 7.2
Impact Score: 10
Exploitability Score: 3.9
Base Score: 8.8
Impact Score: 6
Exploitability Score: 2
|99105||VMware Workstation 12.x < 12.5.5 Multiple Vulnerabilities (VMSA-2017-0006)||Nessus||Windows|
|99104||VMware Workstation 12.x < 12.5.5 Multiple Vulnerabilities (VMSA-2017-0006) (Linux)||Nessus||General|
|99103||VMware Fusion 8.x < 8.5.6 Multiple Vulnerabilities (VMSA-2017-0006) (macOS)||Nessus||MacOS X Local Security Checks|
|99102||VMSA-2017-0006 : VMware ESXi, Workstation and Fusion updates address critical and moderate security issues||Nessus||VMware ESX Local Security Checks|