Lucene search
+L
VmwareHorizon Client

25 matches found

CVE
CVE
added 2020/03/17 6:41 p.m.1215 views

CVE-2020-3950

Mode C: CVE-2020-3950 affects VMware Fusion (11.x up to 11.5.1/11.5.2), VMware Remote Console for Mac (11.x up to 11.0.1), and Horizon Client for Mac (5.x up to 5.4.0). Root cause: improper use of setuid binaries enabling local privilege escalation from a normal user to root on systems running th...

7.8CVSS7.8AI score0.07254EPSS
In wild
CVE
CVE
added 2018/08/13 9:0 p.m.834 views

CVE-2018-6970

Summary of CVE-2018-6970 (VMware Horizon): A out-of-bounds read in the Message Framework library affects VMware Horizon components. Affected products/versions include Horizon 6 (before 6.2.7), Horizon 7 (before 7.5.1), and Horizon Client (4.x before 4.8.1). The flaw may allow a less-privileged us...

6.5CVSS6AI score0.01781EPSS
CVE
CVE
added 2023/08/04 11:18 a.m.304 views

CVE-2023-34037

VMware Horizon Server is affected by CVE-2023-34037: an HTTP request smuggling vulnerability that an attacker with network access can potentially exploit to smuggle HTTP requests. The issue is associated with VMware Horizon Server and is described in VMSA-2023-0017, with a CVSSv3.1 base score of ...

5.3CVSS5.1AI score0.00395EPSS
CVE
CVE
added 2023/08/04 11:24 a.m.276 views

CVE-2023-34038

CVE-2023-34038 affects VMware Horizon Server. The information-disclosure vulnerability allows a network-authenticated attacker to access information relating to the internal network configuration. The available public details (NVD/NCSC) cite a moderate impact (CVSSv3.1 base score 5.3). VMware’s a...

5.3CVSS5AI score0.00409EPSS
CVE
CVE
added 2020/03/17 6:41 p.m.264 views

CVE-2020-3951

CVE-2020-3951 describes a heap-overflow DoS in Cortado Thinprint affecting VMware Workstation 15.x (prior to 15.5.2) and Horizon Client for Windows 5.x (prior to 5.4.0). Exploitation requires non-administrative access to a guest VM with virtual printing enabled and targets the Thinprint service o...

3.8CVSS4.5AI score0.00274EPSS
CVE
CVE
added 2020/03/16 5:24 p.m.258 views

CVE-2019-5543

CVE-2019-5543 affects VMware Horizon Client for Windows (5.x and earlier), VMware Remote Console for Windows (10.x before 11.0.0), and VMware Workstation for Windows (15.x before 15.5.2). Root cause: the folder with the VMware USB arbitration service configuration was writable by all users, enabl...

7.8CVSS8.2AI score0.00391EPSS
CVE
CVE
added 2020/06/15 3:18 p.m.186 views

CVE-2020-3961

CVE-2020-3961 affects VMware Horizon Client for Windows (before 5.4.3). The root cause is a privilege-escalation flaw caused by folder permission configuration and unsafe loading of libraries, enabling a local user to execute commands with higher privileges. Multiple sources confirm the vulnerabl...

7.8CVSS7.8AI score0.00372EPSS
CVE
CVE
added 2020/07/10 1:14 p.m.166 views

CVE-2020-3974

CVE-2020-3974 affects VMware Fusion 11.x (pre-11.5.5), VMware Remote Console for Mac 11.x (pre-11.2.0), and Horizon Client for Mac 5.x (pre-5.4.3). It is a local privilege-escalation due to improper XPC Client validation, allowing a normal-privilege user to gain root access. Exploitation requires...

7.8CVSS8AI score0.00359EPSS
CVE
CVE
added 2020/05/29 7:37 p.m.118 views

CVE-2020-3957

Summary of CVE-2020-3957 : VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior), and VMware Horizon Client for Mac (5.x and prior) contain a local privilege-escalation vulnerability caused by a Time-of-check Time-of-use (TOCTOU) issue in the service opener. Successfu...

7CVSS7.1AI score0.00206EPSS
CVE
CVE
added 2015/06/13 2:0 p.m.90 views

CVE-2015-2340

CVE-2015-2340 affects VMware desktop products on Windows: TPInt.dll (and related TPView.dll) memory handling flaws in VMware Workstation 10.x before 10.0.6, 11.x before 11.1.1; VMware Player 6.x before 6.0.6, 7.x before 7.1.1; and VMware Horizon Client 3.2.x/3.3.x/5.x. Root cause is improper memo...

6.1CVSS6.2AI score0.00659EPSS
CVE
CVE
added 2021/05/24 11:34 a.m.88 views

CVE-2021-21987

The CVE-2021-21987 entry relates to VMware Workstation (16.x) and Horizon Client for Windows (5.x) with out-of-bounds reads in the Cortado ThinPrint TTC/JPEG2000 parsers. A local attacker with access to a VM or remote desktop can trigger information disclosure from the TPView process. VMware issu...

6.5CVSS6.3AI score0.00559EPSS
CVE
CVE
added 2020/09/16 4:14 p.m.82 views

CVE-2020-3988

CVE-2020-3988 affects VMware Workstation 15.x and Horizon Client for Windows 5.x (pre-5.4.4). The issue is an out-of-bounds read in the Cortado ThinPrint JPEG2000 parser, which can allow a local attacker with VM access to cause a partial DoS or leak memory from TPView. Evidence from multiple sour...

6.1CVSS5.9AI score0.00301EPSS
CVE
CVE
added 2020/09/16 4:17 p.m.81 views

CVE-2020-3990

VMware Workstation (15.x) and Horizon Client for Windows (5.x prior to 5.4.4) are affected by CVE-2020-3990 due to an integer overflow in Cortado ThinPrint. A local attacker with access to a guest VM can exploit this to disclose memory from the TPView process, only if virtual printing is enabled ...

6.5CVSS6.3AI score0.00324EPSS
CVE
CVE
added 2020/09/16 4:13 p.m.79 views

CVE-2020-3986

CVE-2020-3986 affects VMware Workstation 15.x and Horizon Client for Windows 5.x (before 5.4.4). The issue is an out-of-bounds read in the Cortado ThinPrint EMF Parser, allowing a user with normal access to a VM to cause partial DoS or memory leakage in the TPView process. Modes of exploitation a...

6.1CVSS5.9AI score0.00301EPSS
CVE
CVE
added 2015/06/13 2:0 p.m.78 views

CVE-2015-2338

This CVE set covers VMware’s TPView.dll memory allocation flaw that can cause host-denial-of-service from guest OS on Windows. Affected products and ranges include: VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1; VMware Player 6.x before 6.0.6 and 7.x before 7.1.1; VMware Horizon Cl...

6.1CVSS6.3AI score0.00659EPSS
CVE
CVE
added 2015/06/13 2:0 p.m.77 views

CVE-2015-2337

CVE-2015-2337 affects VMware’s TPInt.dll (and related TPView.dll) memory handling. VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1; VMware Player 6.x before 6.0.6 and 7.x before 7.1.1; and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows are...

5.8CVSS7.4AI score0.00747EPSS
CVE
CVE
added 2015/06/13 2:0 p.m.77 views

CVE-2015-2339

CVE-2015-2339 affects VMware TPView.dll memory allocation in Windows-hosted VMware products. Affected: Workstation 10.x before 10.0.6, 11.x before 11.1.1; Player 6.x before 6.0.6, 7.x before 7.1.1; Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x before 5.4.2. The flaw (memory allocation issue) ...

6.1CVSS6.3AI score0.00659EPSS
CVE
CVE
added 2020/09/16 4:14 p.m.77 views

CVE-2020-3987

CVE-2020-3987 is an out-of-bounds read vulnerability in the Cortado ThinPrint EMR STRETCHDIBITS parser affecting VMware Workstation 15.x and Horizon Client for Windows older than 5.4.4. A malicious actor with normal access to a guest VM may trigger a partial DoS or leak memory from the TPView pro...

6.1CVSS5.9AI score0.00301EPSS
CVE
CVE
added 2018/05/29 8:0 p.m.75 views

CVE-2018-6964

CVE-2018-6964 affects VMware Horizon Client for Linux (4.x before 4.8.0) and is a local privilege escalation due to insecure use of an SUID binary. An unprivileged user can escalate to root on a system where Horizon Client is installed. The issue is documented by VMware in VMSA-2018-0014, which n...

7.8CVSS7.8AI score0.00408EPSS
CVE
CVE
added 2021/05/24 11:35 a.m.75 views

CVE-2021-21988

Affected products: VMware Workstation 16.x (pre-16.1.2) and Horizon Client for Windows 5.x (pre-5.5.2). Vulnerability details: Out-of-bounds read in the Cortado ThinPrint component (JPEG2000 and TTC parsers) that may allow information disclosure from the TPView process when a malicious actor has ...

6.5CVSS6.3AI score0.00453EPSS
CVE
CVE
added 2015/06/13 2:0 p.m.68 views

CVE-2015-2336

CVE-2015-2336 affects VMware products on Windows: TPView.dll/TPInt.dll memory allocation issues in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4....

5.8CVSS7.4AI score0.00747EPSS
CVE
CVE
added 2020/10/23 1:49 p.m.67 views

CVE-2020-3998

CVE-2020-3998 affects VMware Horizon Client for Windows versions prior to 5.5.0. The vulnerability is an information-disclosure flaw in the Horizon Client on Windows where a malicious local user can retrieve hashed credentials if the client crashes. Affected software: Horizon Client for Windows (...

6.5CVSS6AI score0.01283EPSS
CVE
CVE
added 2021/05/24 11:43 a.m.67 views

CVE-2021-21989

CVE-2021-21989 affects VMware Workstation 16.x (pre-16.1.2) and Horizon Client for Windows 5.x (pre-5.5.2). The issue is an out-of-bounds read in the Cortado ThinPrint TTC Parser that can lead to information disclosure from the TPView process when an attacker has access to a virtual machine or re...

6.5CVSS6.3AI score0.00453EPSS
CVE
CVE
added 2020/09/16 4:17 p.m.64 views

CVE-2020-3989

VMware Workstation 15.x and Horizon Client for Windows (5.x before 5.4.4) are affected by CVE-2020-3989 due to an out-of-bounds write in the Cortado ThinPrint component. This enables a local attacker with VM access to trigger a partial denial-of-service if virtual printing is enabled (not default...

3.3CVSS4.6AI score0.00289EPSS
CVE
CVE
added 2020/10/16 1:15 p.m.59 views

CVE-2020-3991

The CVE-2020-3991 entry affects VMware Horizon Client for Windows (5.x before 5.5.0). The vulnerability is a denial-of-service caused by a file system access control issue during install time, where an unauthenticated local attacker could use a symbolic link to overwrite certain admin-privileged ...

7.1CVSS6.7AI score0.00343EPSS