VMware ESXi, Fusion and Workstation contain an out-of-bounds read vulnerability in SVGA device. This issue may allow a guest to execute code on the host.

https://www.vmware.com/security/advisories/VMSA-2018-0026.html