CVE-2025-58131

Race condition in the Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon before version 6.4.10 or before 6.2.15 and 6.3.12 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access...

CVE-2025-58131

Race condition in the Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon before version 6.4.10 or before 6.2.15 and 6.3.12 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access...

CVE-2025-58131 Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon - Race Condition

Race condition in the Zoom Workplace VDI Plugin macOS Universal installer for VMware Horizon before version 6.4.10 or before 6.2.15 and 6.3.12 in their respective tracks may allow an authenticated user to conduct a disclosure of information via network access...

PT-2025-36988

Name of the Vulnerable Software and Affected Versions: Zoom Workplace VDI Plugin versions prior to 6.4.10 Zoom Workplace VDI Plugin versions prior to 6.2.15 Zoom Workplace VDI Plugin versions prior to 6.3.12 Description: A race condition exists in the Zoom Workplace VDI Plugin macOS Universal...

Vulnerabilities fixed in VMware Horizon

VMware has fixed vulnerabilities in Horizon Server. A unauthenticated malicious party could exploit the vulnerabilities to gain access to system data, or through an HTTP-Request Smuggling potentially to gain access to sensitive data. The vulnerabilities are not present in the latest version of...

VMware Horizon Environment Issues Vulnerabilities

VMware Horizon is a suite of foundation platforms for virtual desktops and applications from VMware. The product enables end users to access all of their virtual desktops, applications and online services through a digital workspace. A security vulnerability exists in VMware Horizon Server that...

VMware Horizon 权限许可和访问控制问题漏洞

VMware Horizon is a suite of foundation platforms for virtual desktops and applications from VMware. The product enables end users to access all of their virtual desktops, applications and online services through a digital workspace. The VMware Horizon Client is vulnerable to a privilege-granting...

Vulnerabilities fixed in VMware Horizon Server and Client

Vulnerabilities have been fixed in VMware Horizon Server and Client. The vulnerabilities allow a malicious party to access system data and to execute arbitrary code under the user's privileges. VMware has released updates to fix the vulnerabilities. More information can be found on the page below...

CVE-2020-3977

VMware Horizon DaaS 7.x and 8.x before 8.0.1 Update 1 contains a broken authentication vulnerability due to a flaw in the way it handled the first factor authentication. Successful exploitation of this issue may allow an attacker to bypass two-factor authentication process. In order to exploit th...

Vulnerabilities fixed in VMware Workstation, Fusion and Horizon

Vulnerabilities have been fixed in VMware Workstation, Fusion and Horizon. The vulnerability with reference CVE-2020-3980 relates to VMware Fusion and allows a malicious party to obtain elevated user privileges. The remaining CVE characteristics enable a malicious person to cause a...

CVE-2020-3961

VMware Horizon Client for Windows prior to 5.4.3 contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system where the software is installed may exploit this issue to run commands as any user...

PT-2019-5512 · Openslp +5 · Openslp +6

Name of the Vulnerable Software and Affected Versions: VMware ESXi and Horizon DaaS affected versions not specified Description: The issue is related to a heap overwrite problem in OpenSLP as used in ESXi and the Horizon DaaS appliances. This can potentially allow a remote attacker to impact the...

VMware Horizon Security Bypass Vulnerability

VMware Horizon DaaS is a set of virtual desktop platforms from the U.S. company VMware VMware built specifically for delivering desktops and applications as a cloud computing service. The platform provides features such as multi-desktop mode and multi-data center management. A security...

CVE-2017-4897

VMware Horizon DaaS before 7.0.0 contains a vulnerability that exists due to insufficient validation of data. An attacker may exploit this issue by tricking DaaS client users into connecting to a malicious server and sharing all their drives and devices. Successful exploitation of this...