CVSS: 7.8EPSS: 14%CPEs: 4EXPL: 6CVE-2020-3950 – VMware Multiple Products Privilege Escalation Vulnerability
https://notcve.org/view.php?id=CVE-2020-3950
17 Mar 2020 — VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to root on the system where Fusion, VMRC or Horizon Client is installed. VMware Fusion (versiones 11.x anteriores a 11.5.2), VMware Remote Console for Mac (ver... • https://packetstorm.news/files/id/157079 • CWE-269: Improper Privilege Management •
CVSS: 3.8EPSS: 0%CPEs: 3EXPL: 0CVE-2020-3951
https://notcve.org/view.php?id=CVE-2020-3951
17 Mar 2020 — VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows (5.x and prior before 5.4.0) contain a denial-of-service vulnerability due to a heap-overflow issue in Cortado Thinprint. Attackers with non-administrative access to a guest VM with virtual printing enabled may exploit this issue to create a denial-of-service condition of the Thinprint service running on the system where Workstation or Horizon Client is installed. VMware Workstation (versiones 15.x anteriores a 15.5.2) y Horizon Client f... • https://www.vmware.com/security/advisories/VMSA-2020-0005.html • CWE-787: Out-of-bounds Write •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-5543
https://notcve.org/view.php?id=CVE-2019-5543
16 Mar 2020 — For VMware Horizon Client for Windows (5.x and prior before 5.3.0), VMware Remote Console for Windows (10.x before 11.0.0), VMware Workstation for Windows (15.x before 15.5.2) the folder containing configuration files for the VMware USB arbitration service was found to be writable by all users. A local user on the system where the software is installed may exploit this issue to run commands as any user. Para VMware Horizon Client for Windows (versiones 5.x y anteriores a 5.3.0), VMware Remote Console for Wi... • https://www.vmware.com/security/advisories/VMSA-2020-0004.html • CWE-732: Incorrect Permission Assignment for Critical Resource •
CVSS: 7.8EPSS: 0%CPEs: 4EXPL: 0CVE-2019-5539
https://notcve.org/view.php?id=CVE-2019-5539
23 Dec 2019 — VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed. VMware Workstation (versiones 15.x anteriores a 15.5.1) y Horizon View Agent (versiones 7.10.x anteriores... • https://www.vmware.com/security/advisories/VMSA-2019-0023.html • CWE-427: Uncontrolled Search Path Element •
CVSS: 9.8EPSS: 87%CPEs: 260EXPL: 2CVE-2019-5544 – VMware ESXi and Horizon DaaS OpenSLP Heap-Based Buffer Overflow Vulnerability
https://notcve.org/view.php?id=CVE-2019-5544
06 Dec 2019 — OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. OpenSLP, como es usado en ESXi y los dispositivos Horizon DaaS, presenta un problema de sobrescritura de la pila. VMware ha evaluado la gravedad de este problema para estar en el rango de gravedad Crítica con una puntuación base máxima CVSSv3 de 9.8. A heap overflow vulnerability was found in OpenSLP.... • https://github.com/HynekPetrak/CVE-2019-5544_CVE-2020-3992 • CWE-122: Heap-based Buffer Overflow CWE-787: Out-of-bounds Write •
CVSS: 8.8EPSS: 0%CPEs: 187EXPL: 0CVE-2019-5527 – VMware Security Advisory 2019-0014
https://notcve.org/view.php?id=CVE-2019-5527
20 Sep 2019 — ESXi, Workstation, Fusion, VMRC and Horizon Client contain a use-after-free vulnerability in the virtual sound device. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 8.5. ESXi, Workstation, Fusion, VMRC y Horizon Client contienen una vulnerabilidad uso de la memoria previamente liberada en el dispositivo de sonido virtual. VMware ha evaluado la gravedad de este problema para estar en el rango de gravedad Importante con un puntaje bas... • https://www.vmware.com/security/advisories/VMSA-2019-0014.html • CWE-416: Use After Free •
CVSS: 5.3EPSS: 0%CPEs: 4EXPL: 0CVE-2019-5513 – VMware Security Advisory 2019-0003
https://notcve.org/view.php?id=CVE-2019-5513
15 Mar 2019 — VMware Horizon Connection Server (7.x before 7.8, 7.5.x before 7.5.2, 6.x before 6.2.8) contains an information disclosure vulnerability. Successful exploitation of this issue may allow disclosure of internal domain names, the Connection Server’s internal name, or the gateway’s internal IP address. VMware Horizon Connection Server (7.x anterior a la versión 7.8, 7.5.x anterior de 7.5.2, 6.x anterior de 6.2.8) contiene una vulnerabilidad de divulgación de información. La explotación con éxito de este problem... • https://www.vmware.com/security/advisories/VMSA-2019-0003.html •
CVSS: 6.5EPSS: 1%CPEs: 3EXPL: 0CVE-2018-6970 – VMWare Horizon Client wswc_sharedMem_shared Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2018-6970
07 Aug 2018 — VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privileged process running on a system where Horizon Connection Server, Horizon Agent or Horizon Client are installed. Note: This issue doesn't apply to Horizon 6, 7 Agents installed on Linux systems or Horizon Clients... • http://www.securityfocus.com/bid/105031 • CWE-125: Out-of-bounds Read •
CVSS: 7.8EPSS: 0%CPEs: 1EXPL: 0CVE-2018-6971 – VMware Security Advisory 2018-0018
https://notcve.org/view.php?id=CVE-2018-6971
20 Jul 2018 — VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations). Successful exploitation of this issue may allow low privileged users access to the credentials specified during the Horizon View Agent installation. VMware Horizon View Agents (versiones 7.x.x anteriores a la 7.5.1) contienen u... • http://www.securityfocus.com/bid/104883 • CWE-532: Insertion of Sensitive Information into Log File •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2018-6964 – VMware Security Advisory 2018-0014
https://notcve.org/view.php?id=CVE-2018-6964
29 May 2018 — VMware Horizon Client for Linux (4.x before 4.8.0 and prior) contains a local privilege escalation vulnerability due to insecure usage of SUID binary. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on a Linux machine where Horizon Client is installed. VMware Horizon Client for Linux (versiones 4.x anteriores a la 4.8.0 y anteriores) contiene una vulnerabilidad de escalado de privilegios local debido al uso inseguro de un binario SUID. La explotación e... • http://www.securityfocus.com/bid/104315 •