CVE-2022-22964
https://notcve.org/view.php?id=CVE-2022-22964
VMware Horizon Agent for Linux (prior to 22.x) contains a local privilege escalation that allows a user to escalate to root due to a vulnerable configuration file. VMware Horizon Agent para Linux (anterior a la versión 22.x) contiene una escalada de privilegios local que permite a un usuario escalar a root debido a un archivo de configuración vulnerable • https://www.vmware.com/security/advisories/VMSA-2022-0012.html •
CVE-2022-22962
https://notcve.org/view.php?id=CVE-2022-22962
VMware Horizon Agent for Linux (prior to 22.x) contains a local privilege escalation as a user is able to change the default shared folder location due to a vulnerable symbolic link. Successful exploitation can result in linking to a root owned file. El agente de VMware Horizon para Linux (anterior a la versión 22.x) contiene una escalada de privilegios local, ya que un usuario puede cambiar la ubicación de la carpeta compartida por defecto debido a un enlace simbólico vulnerable. Una explotación exitosa puede resultar en la vinculación a un archivo propiedad de la raíz • https://www.vmware.com/security/advisories/VMSA-2022-0012.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVE-2022-22938
https://notcve.org/view.php?id=CVE-2022-22938
VMware Workstation (16.x prior to 16.2.2) and Horizon Client for Windows (5.x prior to 5.5.3) contains a denial-of-service vulnerability in the Cortado ThinPrint component. The issue exists in TrueType font parser. A malicious actor with access to a virtual machine or remote desktop may exploit this issue to trigger a denial-of-service condition in the Thinprint service running on the host machine where VMware Workstation or Horizon Client for Windows is installed. VMware Workstation (versiones 16.x anteriores a 16.2.2) y Horizon Client para Windows (versiones 5.x anteriores a 5.5.3) contienen una vulnerabilidad de denegación de servicio en el componente Cortado ThinPrint. El problema se presenta en el analizador de fuentes TrueType. • https://www.vmware.com/security/advisories/VMSA-2022-0002.html •
CVE-2021-25934
https://notcve.org/view.php?id=CVE-2021-25934
In OpenNMS Horizon, versions opennms-18.0.0-1 through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.7-1 are vulnerable to Stored Cross-Site Scripting, since the function `createRequisitionedNode()` does not perform any validation checks on the input sent to the `node-label` parameter. Due to this flaw an attacker could inject an arbitrary script which will be stored in the database. En OpenNMS Horizon, versiones opennms-18.0.0-1 hasta opennms-27.1.0-1; OpenNMS Meridian, versiones meridian-foundation-2015.1.0-1 hasta meridian-foundation-2019.1.18-1; versiones meridian-foundation-2020.1.0-1 hasta meridian-foundation-2020.1.7-1, son vulnerables a un ataque de tipo Cross-Site Scripting Almacenado, ya que la función "createRequisitionedNode()" no lleva a cabo ningún chequeo de comprobación en la entrada enviada hacia el parámetro "nodo -label". Debido a este fallo, un atacante podría inyectar un script arbitrario que será almacenado en la base de datos • https://github.com/OpenNMS/opennms/commit/101e3aa06ec9a1f8f266335fc6f5685c062c6117 https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25934 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2021-25935
https://notcve.org/view.php?id=CVE-2021-25935
In OpenNMS Horizon, versions opennms-17.0.0-1 through opennms-27.1.0-1; OpenNMS Meridian, versions meridian-foundation-2015.1.0-1 through meridian-foundation-2019.1.18-1; meridian-foundation-2020.1.0-1 through meridian-foundation-2020.1.7-1 are vulnerable to Stored Cross-Site Scripting, since the function `add()` performs improper validation checks on the input sent to the `foreign-source` parameter. Due to this flaw an attacker could bypass the existing regex validation and inject an arbitrary script which will be stored in the database. En OpenNMS Horizon, versiones opennms-17.0.0-1 hasta opennms-27.1.0-1; OpenNMS Meridian, versiones meridian-foundation-2015.1.0-1 hasta meridian-foundation-2019.1.18-1; versiones meridian-foundation-2020.1.0-1 hasta meridian-foundation-2020.1.7-1, son vulnerables a un ataque de tipo Cross-Site Scripting Almacenado, ya que la función "add()" lleva a cabo chequeos de comprobación inapropiadas en la entrada enviada hacia el parámetro "foreign-source". Debido a este fallo, un atacante podría omitir la Comprobación de expresiones regulares existente e inyectar un script arbitrario que será almacenado en la base de datos • https://github.com/OpenNMS/opennms/commit/101e3aa06ec9a1f8f266335fc6f5685c062c6117 https://github.com/OpenNMS/opennms/commit/eb08b5ed4c5548f3e941a1f0d0363ae4439fa98c https://www.whitesourcesoftware.com/vulnerability-database/CVE-2021-25935 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •