The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.
VMware ESXi (ESXi 6.5 without patch ESXi650-201707101-SG), Workstation (12.x before 12.5.7) and Fusion (8.x before 8.5.8) contain an out-of-bounds write vulnerability in SVGA device. This issue may allow a guest to execute code on the host.
Base Score: 7.2
Impact Score: 10
Exploitability Score: 3.9
Base Score: 8.8
Impact Score: 6
Exploitability Score: 2
|103380||VMware Workstation 12.x < 12.5.7 Multiple Vulnerabilities (VMSA-2017-0015)||Nessus||Windows|
|103379||VMware Workstation 12.x < 12.5.7 Multiple Vulnerabilities (VMSA-2017-0015) (Linux)||Nessus||General|
|103376||ESXi 6.5 < Build 5969300 Multiple Vulnerabilities (VMSA-2017-0015) (remote check)||Nessus||Misc.|
|103374||VMware Fusion 8.x < 8.5.8 SVGA Code Execution Vulnerability (VMSA-2017-0015) (macOS)||Nessus||MacOS X Local Security Checks|
|103357||VMSA-2017-0015 : VMware ESXi, vCenter Server, Fusion and Workstation updates resolve multiple security vulnerabilities||Nessus||VMware ESX Local Security Checks|