EUVD-2026-27149

Improper privilege management in the log rotation mechanism of the Skylight Workspace Config Service in Amazon WorkSpaces for Windows before 2.6.2034.0 allows a local non-admin authenticated user to place arbitrary files into arbitrary locations bypassing file system permission protections, leadi...

Amazon WorkSpaces 安全漏洞

Amazon WorkSpaces is a fully managed, persistent desktop virtualization service provided by Amazon, Inc. It allows your users to access the data, applications, and resources they need from any supported device, at any time. Versions of Amazon WorkSpaces prior to 2.6.2034.0 contained a security...

CVE-2025-12779

Improper handling of the authentication token in the Amazon WorkSpaces client for Linux, versions 2023.0 through 2024.8, may expose the authentication token for DCV-based WorkSpaces to other local users on the same client machine. Under certain circumstances, a local user may be able to extract...

Amazon WorkSpaces 安全漏洞

Amazon WorkSpaces is a fully managed persistent desktop virtualization service from Amazon.com, Inc. that lets your users access the data, applications, and resources they need anytime, anywhere, from any supported device. A security vulnerability exists in Amazon WorkSpaces version 2024.8 and...

EUVD-2025-1721

Malicious code in bioql PyPI...

EUVD-2021-30549

Malicious code in bioql PyPI...

EUVD-2021-30550

Malicious code in bioql PyPI...

EUVD-2022-25084

Malicious code in bioql PyPI...

EUVD-2025-1720

Malicious code in bioql PyPI...

CVE-2022-1805

When connecting to Amazon Workspaces, the SHA256 presented by AWS connection provisioner is not fully verified by Zero Clients. The issue could be exploited by an adversary that places a MITM Man in the Middle between a zero client and AWS session provisioner in the network. This issue is only...

CVE-2021-43637

Amazon WorkSpaces agent is affected by Buffer Overflow. IOCTL Handler 0x22001B in the Amazon WorkSpaces agent below v1.0.1.1537 allow local attackers to execute arbitrary code in kernel mode or cause a denial of service memory corruption and OS crash via specially crafted I/O Request Packet...

CVE-2025-0501

An issue in the native clients for Amazon WorkSpaces when running PCoIP protocol may allow an attacker to access remote sessions via man-in-the-middle...

CVE-2025-0500

An issue in the native clients for Amazon WorkSpaces when running Amazon DCV protocol, Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle...

Amazon WorkSpaces < 5.21.0 MITM

The version of Amazon WorkSpaces installed on the host is vulnerable to a man-in-the-middle vulnerability, allowing an attacker to access remote sessions. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

Amazon WorkSpaces < 5.22.1 MITM

The version of Amazon WorkSpaces installed on the host is vulnerable to a man-in-the-middle vulnerability, allowing an attacker to access remote sessions. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL...

Amazon Workspaces Client Installed (macOS)

Binary data amazonworkspacesclientmacosinstalled.nbin...

Amazon Workspaces Client Installed (Windows)

Binary data amazonworkspacesclientwininstalled.nbin...

CVE-2025-0501

An issue in the native clients for Amazon WorkSpaces when running PCoIP protocol may allow an attacker to access remote sessions via man-in-the-middle...

CVE-2025-0500

An issue in the native clients for Amazon WorkSpaces when running Amazon DCV protocol, Amazon AppStream 2.0, and Amazon DCV Clients may allow an attacker to access remote sessions via man-in-the-middle...

CVE-2025-0501 Issue affecting Amazon WorkSpaces Clients (when running PCoIP protocol)

An issue in the native clients for Amazon WorkSpaces when running PCoIP protocol may allow an attacker to access remote sessions via man-in-the-middle...