Lucene search
K
VmwareHorizon

6 matches found

CVE
CVE
added 2019/10/10 4:28 p.m.708 views

CVE-2019-5527

CVE-2019-5527 is a use-after-free in the virtual sound device affecting VMware ESXi, Workstation, Fusion, VMRC and Horizon Client. The issue allows a local attacker with low privileges on a guest to potentially execute code on the host, with impact on confidentiality, integrity and availability d...

8.8CVSS8.6AI score0.00303EPSS
CVE
CVE
added 2022/04/11 7:38 p.m.192 views

CVE-2022-22964

CVE-2022-22964 affects VMware Horizon Agent for Linux (prior to 22.x). The issue is a local privilege escalation due to a vulnerable configuration file, allowing a low-privileged user with local access to escalate to root. CVSS info in the sourcing documents indicates high impact with LOCAL attac...

7.8CVSS7.8AI score0.00231EPSS
CVE
CVE
added 2022/04/11 7:38 p.m.120 views

CVE-2022-22962

CVE-2022-22962 affects VMware Horizon Agent for Linux (prior to 22.x). It is a local privilege escalation via a vulnerable symbolic link that allows a low-privileged user to change the default shared folder location and potentially link to a root-owned file. Impact is local privilege escalation w...

7.8CVSS7.6AI score0.00288EPSS
CVE
CVE
added 2022/01/28 7:9 p.m.99 views

CVE-2022-22938

CVE-2022-22938 affects VMware Workstation 16.x (before 16.2.2) and Horizon Client for Windows 5.x (before 5.5.3). The vulnerability lies in the Cortado ThinPrint component’s TrueType font parser, allowing a local attacker with VM or remote desktop access to trigger a denial‑of‑service in the Thin...

6.5CVSS6.4AI score0.00365EPSS
CVE
CVE
added 2019/04/09 7:30 p.m.82 views

CVE-2019-5513

CVE-2019-5513 affects VMware Horizon Connection Server. Affected products/versions include Horizon 7.x prior to 7.8, Horizon 7.5.x prior to 7.5.2, and Horizon 6.x prior to 6.2.8. The vulnerability is an information-disclosure flaw that can allow disclosure of internal domain names, the Connection...

5.3CVSS5.1AI score0.01232EPSS
Web
CVE
CVE
added 2020/10/23 1:49 p.m.68 views

CVE-2020-3997

CVE-2020-3997 is a Cross Site Scripting (XSS) vulnerability in VMware Horizon Server (affecting 7.x prior to 7.10.3 or 7.13.0). VMware describes that the server does not correctly validate user input, allowing an attacker to inject and execute malicious scripts. The issue is addressed in VMware’s...

5.4CVSS5.5AI score0.00661EPSS