Lucene search
+L

123 matches found

NVD
NVD
added 2019/12/06 4:15 p.m.27 views

CVE-2019-5544

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8...

9.8CVSS9.4AI score0.96823EPSS
Exploits1References9
OSV
OSV
added 2019/12/06 4:15 p.m.2 views

CVE-2019-5544

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8...

9.8CVSS7.2AI score0.96823EPSS
Exploits1References9
OSV
OSV
added 2019/12/06 4:15 p.m.8 views

AZL-36968 CVE-2019-5544 affecting package openslp for versions less than 2.0.0-26

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8...

9.8CVSS7.2AI score0.96823EPSS
Exploits1References1
OSV
OSV
added 2019/12/06 4:15 p.m.7 views

AZL-7321 CVE-2019-5544 affecting package openslp for versions less than 2.0.0-26

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8...

9.8CVSS7.2AI score0.96823EPSS
Exploits1References1
CVE
CVE
added 2019/12/06 3:54 p.m.1686 views

CVE-2019-5544

CVE-2019-5544 refers to a heap-based buffer overflow in OpenSLP used by VMware ESXi and Horizon DaaS, triggered by processing URLs in service requests to port 427. The root cause is improper bounds checking in the OpenSLP slpd service (ProcessSrvRqst), enabling remote code execution via a crafted...

9.8CVSS9.2AI score0.96823EPSS
In wildExploits1References9Affected Software2
OSV
OSV
added 2019/12/06 5:0 a.m.3 views

UBUNTU-CVE-2019-5544

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8...

9.8CVSS7.2AI score0.96823EPSS
Exploits1References5
UbuntuCve
UbuntuCve
added 2019/12/06 5:0 a.m.32 views

CVE-2019-5544

OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8...

9.8CVSS7.1AI score0.96823EPSS
Exploits1References4
CISA
CISA
added 2019/12/06 12:0 a.m.15 views

VMware Releases Security Updates for ESXi and Horizon DaaS

VMware has released security updates to address a vulnerability in ESXi and Horizon DaaS. An attacker could exploit this vulnerability to take control of an affected system. The Cybersecurity and Infrastructure Security Agency CISA encourages users and administrators to review VMware Security...

6.7AI score
Exploits0References1
Symantec
Symantec
added 2019/12/06 12:0 a.m.59 views

OpenSLP CVE-2019-5544 Heap Memory Corruption Vulnerability

Description OpenSLP is prone to a heap-memory-corruption vulnerability. An attacker can exploit this issue to crash the affected application or execute arbitrary code within the context of the affected application. OpenSLP 1.2.1 and 2.0.0 are vulnerable; other versions may also be affected...

1AI score0.96823EPSS
Exploits1References1Affected Software3
VMware
VMware
added 2019/12/05 12:0 a.m.70 views

VMware ESXi and Horizon DaaS updates address OpenSLP remote code execution vulnerability (CVE-2019-5544)

1. Impacted Products VMware ESXi VMware Horizon DaaS 2. Introduction A vulnerability in OpenSLP was privately reported to VMware. Patches and workarounds are available to address this vulnerability in affected VMware products. 3. VMware ESXi and Horizon DaaS updates address OpenSLP remote code...

7.5CVSS10AI score0.96823EPSS
Exploits1References12Affected Software2
VMware
VMware
added 2019/12/03 12:0 a.m.136 views

VMSA-2019-0022:VMware ESXi and Horizon DaaS updates address OpenSLP remote code execution vulnerability

VMware Security Advisories Advisory ID| VMSA-2019-0022.1 ---|--- Advisory Severity| Critical CVSSv3 Range| 9.8 Synopsis| VMware ESXi and Horizon DaaS updates address OpenSLP remote code execution vulnerability CVE-2019-5544 Issue Date| 2019-12-05 Updated On| 2020-05-08 CVEs| CVE-2019-5544 1...

9.8CVSS10AI score0.96823EPSS
Exploits1References35Affected Software2
Citrix
Citrix
added 2018/09/28 12:0 a.m.15 views

How to use GPMC to manage Citrix Policies (GPOs) for your DaaS environment

This article describes the required steps to be able to correctly setup and configure the management of Citrix Policies using Microsoft's Group Policy Management Console gpmc from a machine other than a Citrix Delivery Controller DDC...

6.9AI score
Exploits0
Prion
Prion
added 2018/04/20 1:29 p.m.22 views

Authentication flaw

VMware Horizon DaaS 7.x before 8.0.0 contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS...

6.5CVSS8.7AI score0.02572EPSS
Exploits0References3Affected Software1
NVD
NVD
added 2018/04/20 1:29 p.m.17 views

CVE-2018-6960

VMware Horizon DaaS 7.x before 8.0.0 contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS...

8.8CVSS8.8AI score0.02572EPSS
Exploits0References3
OSV
OSV
added 2018/04/20 1:29 p.m.5 views

CVE-2018-6960

VMware Horizon DaaS 7.x before 8.0.0 contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS...

8.8CVSS5.8AI score0.02572EPSS
Exploits0References3
CVE
CVE
added 2018/04/20 1:0 p.m.59 views

CVE-2018-6960

VMware Horizon DaaS (7.x before 8.0.0) is affected by a broken authentication vulnerability that may allow bypass of two-factor authentication when an attacker has a legitimate Horizon DaaS account. The issue is addressed by VMware in VMSA-2018-0010; remediation is to apply the Horizon DaaS updat...

8.8CVSS8.7AI score0.02572EPSS
Exploits0References3Affected Software1
Cvelist
Cvelist
added 2018/04/20 1:0 p.m.24 views

CVE-2018-6960

VMware Horizon DaaS 7.x before 8.0.0 contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS...

8.8AI score0.02572EPSS
Exploits0References3
VMware
VMware
added 2018/04/19 12:0 a.m.535 views

Horizon DaaS update addresses a broken authentication issue

VMware Horizon DaaS Broken authentication issue in Horizon DaaS Horizon DaaS contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS. VMware woul...

6.5CVSS2.2AI score0.02572EPSS
Exploits0References1Affected Software1
NVD
NVD
added 2017/05/31 2:29 p.m.15 views

CVE-2017-4897

VMware Horizon DaaS before 7.0.0 contains a vulnerability that exists due to insufficient validation of data. An attacker may exploit this issue by tricking DaaS client users into connecting to a malicious server and sharing all their drives and devices. Successful exploitation of this...

7.1CVSS5.5AI score0.01148EPSS
Exploits0References3
Prion
Prion
added 2017/05/31 2:29 p.m.19 views

Input validation

VMware Horizon DaaS before 7.0.0 contains a vulnerability that exists due to insufficient validation of data. An attacker may exploit this issue by tricking DaaS client users into connecting to a malicious server and sharing all their drives and devices. Successful exploitation of this...

7.1CVSS5.4AI score0.01148EPSS
Exploits0References3Affected Software1
Rows per page
Query Builder