cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-21989,https://securityvulnerability.io/vulnerability/CVE-2021-21989,,VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed.,Vmware,"Vmware Workstation Pro / Player (workstation), Vmware Horizon Client For Windows",6.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2021-05-24T11:43:34.000Z,0
CVE-2021-21988,https://securityvulnerability.io/vulnerability/CVE-2021-21988,,VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (JPEG2000 Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed.,Vmware,"Vmware Workstation Pro / Player (workstation), Vmware Horizon Client For Windows",6.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2021-05-24T11:35:00.000Z,0
CVE-2021-21987,https://securityvulnerability.io/vulnerability/CVE-2021-21987,,VMware Workstation (16.x prior to 16.1.2) and Horizon Client for Windows (5.x prior to 5.5.2) contain out-of-bounds read vulnerability in the Cortado ThinPrint component (TTC Parser). A malicious actor with access to a virtual machine or remote desktop may be able to exploit these issues leading to information disclosure from the TPView process running on the system where Workstation or Horizon Client for Windows is installed.,Vmware,"Vmware Workstation Pro / Player (workstation), Vmware Horizon Client For Windows",6.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2021-05-24T11:34:55.000Z,0
CVE-2020-3998,https://securityvulnerability.io/vulnerability/CVE-2020-3998,,VMware Horizon Client for Windows (5.x prior to 5.5.0) contains an information disclosure vulnerability. A malicious attacker with local privileges on the machine where Horizon Client for Windows is installed may be able to retrieve hashed credentials if the client crashes.,Vmware,Vmware Horizon Client For Windows,6.5,MEDIUM,0.0006000000284984708,false,false,false,false,,false,false,2020-10-23T13:49:50.000Z,0
CVE-2020-3991,https://securityvulnerability.io/vulnerability/CVE-2020-3991,,VMware Horizon Client for Windows (5.x before 5.5.0) contains a denial-of-service vulnerability due to a file system access control issue during install time. Successful exploitation of this issue may allow an attacker to overwrite certain admin privileged files through a symbolic link attack at install time. This will result into a denial-of-service condition on the machine where Horizon Client for Windows is installed.,Vmware,Vmware Horizon Client For Windows,7.1,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2020-10-16T13:15:22.000Z,0
CVE-2020-3990,https://securityvulnerability.io/vulnerability/CVE-2020-3990,,VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an information disclosure vulnerability due to an integer overflow issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.,Vmware,Vmware Workstation And Horizon Client For Windows,6.5,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2020-09-16T16:17:17.000Z,0
CVE-2020-3989,https://securityvulnerability.io/vulnerability/CVE-2020-3989,,VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain a denial of service vulnerability due to an out-of-bounds write issue in Cortado ThinPrint component. A malicious actor with normal access to a virtual machine may be able to exploit this issue to create a partial denial-of-service condition on the system where Workstation or Horizon Client for Windows is installed. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon Client.,Vmware,Vmware Workstation And Horizon Client For Windows,3.3,LOW,0.00044999999227002263,false,false,false,false,,false,false,2020-09-16T16:17:11.000Z,0
CVE-2020-3988,https://securityvulnerability.io/vulnerability/CVE-2020-3988,,VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (JPEG2000 parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.,Vmware,Vmware Workstation And Horizon Client For Windows,6.1,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2020-09-16T16:14:08.000Z,0
CVE-2020-3987,https://securityvulnerability.io/vulnerability/CVE-2020-3987,,VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMR STRETCHDIBITS parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.,Vmware,Vmware Workstation And Horizon Client For Windows,6.1,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2020-09-16T16:14:01.000Z,0
CVE-2020-3986,https://securityvulnerability.io/vulnerability/CVE-2020-3986,,VMware Workstation (15.x) and Horizon Client for Windows (5.x before 5.4.4) contain an out-of-bounds read vulnerability in Cortado ThinPrint component (EMF Parser). A malicious actor with normal access to a virtual machine may be able to exploit these issues to create a partial denial-of-service condition or to leak memory from TPView process running on the system where Workstation or Horizon Client for Windows is installed.,Vmware,Vmware Workstation And Horizon Client For Windows,6.1,MEDIUM,0.00044999999227002263,false,false,false,false,,false,false,2020-09-16T16:13:54.000Z,0
CVE-2020-3961,https://securityvulnerability.io/vulnerability/CVE-2020-3961,,VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries. A local user on the system where the software is installed may exploit this issue to run commands as any user.,Vmware,Vmware Horizon Client For Windows,7.8,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2020-06-15T15:18:29.000Z,0
CVE-2020-3951,https://securityvulnerability.io/vulnerability/CVE-2020-3951,,VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows (5.x and prior before 5.4.0) contain a denial-of-service vulnerability due to a heap-overflow issue in Cortado Thinprint. Attackers with non-administrative access to a guest VM with virtual printing enabled may exploit this issue to create a denial-of-service condition of the Thinprint service running on the system where Workstation or Horizon Client is installed.,Vmware,Vmware Workstation And Horizon Client For Windows,3.8,LOW,0.0004400000034365803,false,false,false,false,,false,false,2020-03-17T18:41:49.000Z,0
CVE-2019-5543,https://securityvulnerability.io/vulnerability/CVE-2019-5543,,"For VMware Horizon Client for Windows (5.x and prior before 5.3.0), VMware Remote Console for Windows (10.x before 11.0.0), VMware Workstation for Windows (15.x before 15.5.2) the folder containing configuration files for the VMware USB arbitration service was found to be writable by all users. A local user on the system where the software is installed may exploit this issue to run commands as any user.",Vmware,"Vmware Horizon Client For Windows,Vmware Remote Console For Windows,Vmware Workstation For Windows",7.8,HIGH,0.0004199999966658652,false,false,false,false,,false,false,2020-03-16T17:24:55.000Z,0
CVE-2017-4948,https://securityvulnerability.io/vulnerability/CVE-2017-4948,,"VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll. On Workstation, this issue in conjunction with other bugs may allow a guest to leak information from host or may allow for a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this issue in conjunction with other bugs may allow a View desktop to leak information from host or may allow for a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon Client For Windows",7.1,HIGH,0.0006500000017695129,false,false,false,false,,false,false,2018-01-05T14:29:00.000Z,0
CVE-2017-4937,https://securityvulnerability.io/vulnerability/CVE-2017-4937,,"VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View Client.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0013299999991431832,false,false,false,false,,false,false,2017-11-17T14:29:00.000Z,0
CVE-2017-4935,https://securityvulnerability.io/vulnerability/CVE-2017-4935,,"VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds write vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View Client.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0014299999456852674,false,false,false,false,,false,false,2017-11-17T14:29:00.000Z,0
CVE-2017-4936,https://securityvulnerability.io/vulnerability/CVE-2017-4936,,"VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0013299999991431832,false,false,false,false,,false,false,2017-11-16T00:00:00.000Z,0
CVE-2017-4908,https://securityvulnerability.io/vulnerability/CVE-2017-4908,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.00107999995816499,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0
CVE-2017-4909,https://securityvulnerability.io/vulnerability/CVE-2017-4909,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain a heap buffer-overflow vulnerability in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.000699999975040555,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0
CVE-2017-4913,https://securityvulnerability.io/vulnerability/CVE-2017-4913,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0006300000241026282,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0
CVE-2017-4912,https://securityvulnerability.io/vulnerability/CVE-2017-4912,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.000699999975040555,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0
CVE-2017-4911,https://securityvulnerability.io/vulnerability/CVE-2017-4911,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds write vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0008999999845400453,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0
CVE-2017-4910,https://securityvulnerability.io/vulnerability/CVE-2017-4910,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.00107999995816499,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0