Vmware Horizon View vulnerabilities
14 known vulnerabilities affecting vmware/horizon_view.
Total CVEs
14
CISA KEV
0
Public exploits
0
Exploited in wild
0
Severity breakdown
CRITICAL2HIGH10MEDIUM2
Vulnerabilities
Page 1 of 1
CVE-2018-6970MEDIUMCVSS 6.5≥ 6.0.0, < 6.2.7≥ 7.0.0, < 7.5.12018-08-13
CVE-2018-6970 [MEDIUM] CWE-125 CVE-2018-6970: VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and
VMware Horizon 6 (6.x.x before 6.2.7), Horizon 7 (7.x.x before 7.5.1), and Horizon Client (4.x.x and prior before 4.8.1) contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from a privileged process running on a system where Horizon Connec
nvd
CVE-2017-4948HIGHCVSS 7.1≥ 4.0, < 4.72018-01-05
CVE-2017-4948 [HIGH] CWE-125 CVE-2017-4948: VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain
VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll. On Workstation, this issue in conjunction with other bugs may allow a guest to leak information from host or may allow for a Denial of Service on the Windows OS that runs Workstation. In the case of a Hori
nvd
CVE-2017-4936HIGHCVSS 7.8v4.0.0v4.0.1+6 more2017-11-17
CVE-2017-4936 [HIGH] CWE-125 CVE-2017-4936: VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) conta
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allo
nvd
CVE-2017-4935HIGHCVSS 7.8v4.0.0v4.0.1+6 more2017-11-17
CVE-2017-4935 [HIGH] CWE-787 CVE-2017-4935: VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) conta
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds write vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may all
nvd
CVE-2017-4937HIGHCVSS 7.8v4.0.0v4.0.1+6 more2017-11-17
CVE-2017-4937 [HIGH] CWE-125 CVE-2017-4937: VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) conta
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allo
nvd
CVE-2017-4907CRITICALCVSS 9.8v6.0v6.0.2+10 more2017-06-08
CVE-2017-4907 [CRITICAL] CWE-119 CVE-2017-4907: VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.
VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway.
cvelistv5nvd
CVE-2017-4918CRITICALCVSS 9.8v2.0v2.1+12 more2017-06-08
CVE-2017-4918 [CRITICAL] CWE-77 CVE-2017-4918: VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerabil
VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed.
nvd
CVE-2017-4909HIGHCVSS 7.8v4.0v4.1+2 more2017-06-08
CVE-2017-4909 [HIGH] CWE-119 CVE-2017-4909: VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain a hea
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain a heap buffer-overflow vulnerability in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may
nvd
CVE-2017-4911HIGHCVSS 7.8v4.0v4.1+2 more2017-06-08
CVE-2017-4911 [HIGH] CWE-787 CVE-2017-4911: VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multi
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds write vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may all
nvd
CVE-2017-4910HIGHCVSS 7.8v4.0v4.1+2 more2017-06-08
CVE-2017-4910 [HIGH] CWE-125 CVE-2017-4910: VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multi
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allo
nvd
CVE-2017-4913HIGHCVSS 7.8v4.0v4.1+2 more2017-06-08
CVE-2017-4913 [HIGH] CWE-190 CVE-2017-4913: VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an in
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allo
nvd
CVE-2017-4908HIGHCVSS 7.8v4.0v4.1+2 more2017-06-08
CVE-2017-4908 [HIGH] CWE-119 CVE-2017-4908: VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multi
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may al
nvd
CVE-2017-4912HIGHCVSS 7.8v4.0v4.1+2 more2017-06-08
CVE-2017-4912 [HIGH] CWE-125 CVE-2017-4912: VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multi
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, th
nvd
CVE-2016-7087MEDIUMCVSS 5.3v5.0v5.0.1+10 more2016-12-29
CVE-2016-7087 [MEDIUM] CWE-22 CVE-2016-7087: Directory traversal vulnerability in the Connection Server in VMware Horizon View 5.x before 5.3.7,
Directory traversal vulnerability in the Connection Server in VMware Horizon View 5.x before 5.3.7, 6.x before 6.2.3, and 7.x before 7.0.1 allows remote attackers to obtain sensitive information via unspecified vectors.
nvd