CVSS: 5.3EPSS: 0%CPEs: 8EXPL: 0CVE-2023-34038
https://notcve.org/view.php?id=CVE-2023-34038
04 Aug 2023 — VMware Horizon Server contains an information disclosure vulnerability. A malicious actor with network access may be able to access information relating to the internal network configuration. VMware Horizon Server contiene una vulnerabilidad de divulgación de información. Un actor malicioso con acceso a la red puede ser capaz de acceder a información relativa a la configuración de la red interna. • https://www.vmware.com/security/advisories/VMSA-2023-0017.html •
CVSS: 5.3EPSS: 1%CPEs: 8EXPL: 0CVE-2023-34037
https://notcve.org/view.php?id=CVE-2023-34037
04 Aug 2023 — VMware Horizon Server contains a HTTP request smuggling vulnerability. A malicious actor with network access may be able to perform HTTP smuggle requests. VMware Horizon Server contiene una vulnerabilidad de contrabando de solicitudes HTTP. Un actor malicioso con acceso a la red puede ser capaz de realizar peticiones HTTP de contrabando. • https://www.vmware.com/security/advisories/VMSA-2023-0017.html • CWE-444: Inconsistent Interpretation of HTTP Requests ('HTTP Request/Response Smuggling') •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22964
https://notcve.org/view.php?id=CVE-2022-22964
11 Apr 2022 — VMware Horizon Agent for Linux (prior to 22.x) contains a local privilege escalation that allows a user to escalate to root due to a vulnerable configuration file. VMware Horizon Agent para Linux (anterior a la versión 22.x) contiene una escalada de privilegios local que permite a un usuario escalar a root debido a un archivo de configuración vulnerable • https://www.vmware.com/security/advisories/VMSA-2022-0012.html •
CVSS: 7.8EPSS: 0%CPEs: 2EXPL: 0CVE-2022-22962
https://notcve.org/view.php?id=CVE-2022-22962
11 Apr 2022 — VMware Horizon Agent for Linux (prior to 22.x) contains a local privilege escalation as a user is able to change the default shared folder location due to a vulnerable symbolic link. Successful exploitation can result in linking to a root owned file. El agente de VMware Horizon para Linux (anterior a la versión 22.x) contiene una escalada de privilegios local, ya que un usuario puede cambiar la ubicación de la carpeta compartida por defecto debido a un enlace simbólico vulnerable. Una explotación exitosa pu... • https://www.vmware.com/security/advisories/VMSA-2022-0012.html • CWE-59: Improper Link Resolution Before File Access ('Link Following') •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2022-22938 – VMware Security Advisory 2022-0002
https://notcve.org/view.php?id=CVE-2022-22938
19 Jan 2022 — VMware Workstation (16.x prior to 16.2.2) and Horizon Client for Windows (5.x prior to 5.5.3) contains a denial-of-service vulnerability in the Cortado ThinPrint component. The issue exists in TrueType font parser. A malicious actor with access to a virtual machine or remote desktop may exploit this issue to trigger a denial-of-service condition in the Thinprint service running on the host machine where VMware Workstation or Horizon Client for Windows is installed. VMware Workstation (versiones 16.x anterio... • https://www.vmware.com/security/advisories/VMSA-2022-0002.html •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21989 – VMware Workstation ThinPrint TTCHeader Integer Overflow Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-21989
24 May 2021 — VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed. VMware Workstation (versiones 16.x anteriores a 16.1.2) y Horizon Client para Win... • https://www.vmware.com/security/advisories/VMSA-2021-0009.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21988 – VMware Workstation ThinPrint JPEG2000 Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-21988
24 May 2021 — VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed. VMware Workstation (versiones 16.x anteriores a 16.1.2) y Horizon Client par... • https://www.vmware.com/security/advisories/VMSA-2021-0009.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 3EXPL: 0CVE-2021-21987 – VMware Workstation ThinPrint TTCHeader Out-Of-Bounds Read Information Disclosure Vulnerability
https://notcve.org/view.php?id=CVE-2021-21987
24 May 2021 — VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed. VMware Workstation (16.x versiones anteriores a 16.1.2) y Horizon Client para Win... • https://www.vmware.com/security/advisories/VMSA-2021-0009.html • CWE-125: Out-of-bounds Read •
CVSS: 6.5EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3998
https://notcve.org/view.php?id=CVE-2020-3998
23 Oct 2020 — VMware Horizon Client for Windows (5.x prior to 5.5.0) contains an information disclosure vulnerability. A malicious attacker with local privileges on the machine where Horizon Client for Windows is installed may be able to retrieve hashed credentials if the client crashes. VMware Horizon Client para Windows (versiones 5.x anteriores a 5.5.0), contiene una vulnerabilidad de divulgación de información. Un atacante malicioso con privilegios locales en la máquina donde está instalado Horizon Client para Window... • https://www.vmware.com/security/advisories/VMSA-2020-0024.html •
CVSS: 5.4EPSS: 0%CPEs: 2EXPL: 0CVE-2020-3997
https://notcve.org/view.php?id=CVE-2020-3997
23 Oct 2020 — VMware Horizon Server (7.x prior to 7.10.3 or 7.13.0) contains a Cross Site Scripting (XSS) vulnerability. Successful exploitation of this issue may allow an attacker to inject malicious script which will be executed. VMware Horizon Server (versiones 7.x anteriores a 7.10.3 o 7.13.0), contiene una vulnerabilidad de tipo Cross Site Scripting (XSS). Una explotación con éxito de este problema puede permitir a un atacante inyectar un script malicioso que será ejecutado • https://www.vmware.com/security/advisories/VMSA-2020-0024.html • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •