26 results (0.009 seconds)

CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0

VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration. VMware Horizon Server contiene una vulnerabilidad de divulgación de información. Un actor malicioso con acceso a la red puede ser capaz de acceder a información relativa a la configuración de la red interna. • https://www.vmware.com/security/advisories/VMSA-2023-0017.html •

CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0

VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests. VMware Horizon Server contiene una vulnerabilidad de contrabando de solicitudes HTTP. Un actor malicioso con acceso a la red puede ser capaz de realizar peticiones HTTP de contrabando. • https://www.vmware.com/security/advisories/VMSA-2023-0017.html • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed. VMware Workstation (versiones 16.x anteriores a 16.1.2) y Horizon Client para Windows (versiones 5.x anteriores a 5.5.2) contienen una vulnerabilidad de lectura fuera de límites en el componente Cortado ThinPrint (TTC Parser). Un actor malicioso con acceso a una máquina virtual o un escritorio remoto puede ser capaz de explotar estos problemas conllevando a una divulgación de información del proceso TPView que se ejecuta en el sistema donde está instalado Workstation o Horizon Client para Windows This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the ThinPrint component. • https://www.vmware.com/security/advisories/VMSA-2021-0009.html https://www.zerodayinitiative.com/advisories/ZDI-21-610 • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed. VMware Workstation (versiones 16.x anteriores a 16.1.2) y Horizon Client para Windows (versiones 5.x anteriores a 5.5.2) contienen una vulnerabilidad de lectura fuera de límites en el componente Cortado ThinPrint (JPEG2000 Parser). Un actor malicioso con acceso a una máquina virtual o escritorio remoto puede explotar estos problemas que conllevan a una divulgación de información del proceso TPView que se ejecuta en el sistema donde está instalado Workstation o Horizon Client para Windows This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the ThinPrint component. • https://www.vmware.com/security/advisories/VMSA-2021-0009.html https://www.zerodayinitiative.com/advisories/ZDI-21-609 • CWE-125: Out-of-bounds Read •

CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0

VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed. VMware Workstation (16.x versiones anteriores a 16.1.2) y Horizon Client para Windows (5.x versiones anteriores a 5.5.2) contienen una vulnerabilidad de lectura fuera de límites en el componente Cortado ThinPrint (TTC Parser). Un actor malicioso con acceso a una máquina virtual o escritorio remoto puede explotar estos problemas que conllevan a la divulgación de información del proceso TPView que se ejecuta en el sistema donde está instalado Workstation o Horizon Client para Windows This vulnerability allows local attackers to disclose sensitive information on affected installations of VMware Workstation. An attacker must first obtain the ability to execute low-privileged code on the target guest system in order to exploit this vulnerability. The specific flaw exists within the ThinPrint component. • https://www.vmware.com/security/advisories/VMSA-2021-0009.html https://www.zerodayinitiative.com/advisories/ZDI-21-608 • CWE-125: Out-of-bounds Read •