6 matches found
CVE-2019-5527
CVE-2019-5527 is a use-after-free in the virtual sound device affecting VMware ESXi, Workstation, Fusion, VMRC and Horizon Client. The issue allows a local attacker with low privileges on a guest to potentially execute code on the host, with impact on confidentiality, integrity and availability d...
CVE-2022-22964
CVE-2022-22964 affects VMware Horizon Agent for Linux (prior to 22.x). The issue is a local privilege escalation due to a vulnerable configuration file, allowing a low-privileged user with local access to escalate to root. CVSS info in the sourcing documents indicates high impact with LOCAL attac...
CVE-2022-22962
CVE-2022-22962 affects VMware Horizon Agent for Linux (prior to 22.x). It is a local privilege escalation via a vulnerable symbolic link that allows a low-privileged user to change the default shared folder location and potentially link to a root-owned file. Impact is local privilege escalation w...
CVE-2022-22938
CVE-2022-22938 affects VMware Workstation 16.x (before 16.2.2) and Horizon Client for Windows 5.x (before 5.5.3). The vulnerability lies in the Cortado ThinPrint component’s TrueType font parser, allowing a local attacker with VM or remote desktop access to trigger a denial‑of‑service in the Thin...
CVE-2019-5513
CVE-2019-5513 affects VMware Horizon Connection Server. Affected products/versions include Horizon 7.x prior to 7.8, Horizon 7.5.x prior to 7.5.2, and Horizon 6.x prior to 6.2.8. The vulnerability is an information-disclosure flaw that can allow disclosure of internal domain names, the Connection...
CVE-2020-3997
CVE-2020-3997 is a Cross Site Scripting (XSS) vulnerability in VMware Horizon Server (affecting 7.x prior to 7.10.3 or 7.13.0). VMware describes that the server does not correctly validate user input, allowing an attacker to inject and execute malicious scripts. The issue is addressed in VMware’s...