cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-21989,https://securityvulnerability.io/vulnerability/CVE-2021-21989,Out-of-Bounds Read Vulnerability in VMware Workstation and Horizon Client,"VMware Workstation and Horizon Client for Windows have a security flaw due to an out-of-bounds read in the Cortado ThinPrint component. An attacker with access to a virtual machine or remote desktop could exploit this vulnerability, potentially leading to the disclosure of sensitive information from the TPView process on the affected system. Users of these products are advised to update to the latest versions to mitigate the risks associated with this vulnerability.",Vmware,"Vmware Workstation Pro / Player (workstation), Vmware Horizon Client For Windows",6.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-05-24T11:43:34.000Z,0
CVE-2021-21988,https://securityvulnerability.io/vulnerability/CVE-2021-21988,Out-of-Bounds Read Vulnerability in VMware Workstation and Horizon Client,"VMware Workstation and Horizon Client for Windows are impacted by an out-of-bounds read vulnerability found in the Cortado ThinPrint component, specifically in the JPEG2000 Parser. When exploited by a malicious user who has access to a virtual machine or remote desktop session, this vulnerability can lead to unauthorized information disclosure from the TPView process. This issue exists in versions of VMware Workstation prior to 16.1.2 and Horizon Client for Windows prior to 5.5.2, highlighting the importance of keeping software updated to safeguard against potential exploitation.",Vmware,"Vmware Workstation Pro / Player (workstation), Vmware Horizon Client For Windows",6.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-05-24T11:35:00.000Z,0
CVE-2021-21987,https://securityvulnerability.io/vulnerability/CVE-2021-21987,Out-of-Bounds Read Vulnerability in VMware Workstation and Horizon Client,"VMware Workstation and Horizon Client for Windows have a vulnerability in the Cortado ThinPrint component that allows for out-of-bounds reads. This flaw can potentially be exploited by malicious actors who have access to a virtual machine or remote desktop, leading to unauthorized information disclosure from the TPView process. It is crucial for users to apply the recommended updates to safeguard their systems from potential exploitation.",Vmware,"Vmware Workstation Pro / Player (workstation), Vmware Horizon Client For Windows",6.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2021-05-24T11:34:55.000Z,0
CVE-2020-3998,https://securityvulnerability.io/vulnerability/CVE-2020-3998,Information Disclosure Vulnerability in VMware Horizon Client for Windows,"VMware Horizon Client for Windows versions prior to 5.5.0 are affected by an information disclosure vulnerability. An attacker with local access could exploit this issue to retrieve hashed credentials following a crash of the Horizon Client application. This exposure can lead to a compromise of sensitive user information, necessitating prompt updates to mitigate the risk.",Vmware,Vmware Horizon Client For Windows,6.5,MEDIUM,0.0006000000284984708,false,,false,false,false,,,false,false,,2020-10-23T13:49:50.000Z,0
CVE-2020-3991,https://securityvulnerability.io/vulnerability/CVE-2020-3991,Denial-of-Service Vulnerability in VMware Horizon Client for Windows,"VMware Horizon Client for Windows (5.0.x to 5.5.0) is susceptible to a denial-of-service vulnerability due to improper file system access control during installation. An attacker can exploit this weakness by performing a symbolic link attack that allows the overwriting of certain admin files. This exploitation can lead to a state where the system becomes unresponsive, significantly impacting service availability and user productivity.",Vmware,Vmware Horizon Client For Windows,7.1,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-10-16T13:15:22.000Z,0
CVE-2020-3990,https://securityvulnerability.io/vulnerability/CVE-2020-3990,Information Disclosure Vulnerability in VMware Workstation and Horizon Client,"VMware Workstation (15.x) and Horizon Client for Windows (5.x prior to 5.4.4) contain a vulnerability stemming from an integer overflow issue in the Cortado ThinPrint component. A malicious actor with access to a virtual machine can exploit this vulnerability to disclose sensitive memory information from the TPView process running on the host system. Notably, exploitation is only possible if the virtual printing feature is enabled; while this is not enabled by default on Workstation, it is enabled by default on Horizon Client.",Vmware,Vmware Workstation And Horizon Client For Windows,6.5,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-09-16T16:17:17.000Z,0
CVE-2020-3989,https://securityvulnerability.io/vulnerability/CVE-2020-3989,Denial of Service Vulnerability in VMware Workstation and Horizon Client,"VMware Workstation and Horizon Client for Windows contain a vulnerability in the Cortado ThinPrint component that may allow an attacker with normal access to a virtual machine to exploit an out-of-bounds write issue. If successful, this could lead to a partial denial-of-service condition on the host system where these applications are installed. It is important to note that exploitation is only feasible if the virtual printing feature is enabled, which is not enabled by default in Workstation but is enabled by default in Horizon Client.",Vmware,Vmware Workstation And Horizon Client For Windows,3.3,LOW,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-09-16T16:17:11.000Z,0
CVE-2020-3988,https://securityvulnerability.io/vulnerability/CVE-2020-3988,Out-of-bounds Read Vulnerability in VMware Workstation and Horizon Client,"VMware Workstation 15.x and Horizon Client for Windows (versions prior to 5.4.4) are susceptible to an out-of-bounds read vulnerability within the Cortado ThinPrint component, specifically in the JPEG2000 parser. This vulnerability could allow a malicious user with normal access to a virtual machine to induce a partial denial-of-service condition or potentially leak sensitive memory data from the TPView process on the host system that operates VMware Workstation or Horizon Client.",Vmware,Vmware Workstation And Horizon Client For Windows,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-09-16T16:14:08.000Z,0
CVE-2020-3987,https://securityvulnerability.io/vulnerability/CVE-2020-3987,Out-of-bounds Read Vulnerability in VMware Workstation and Horizon Client,"VMware Workstation (15.x) and Horizon Client for Windows (5.x prior to 5.4.4) are impacted by an out-of-bounds read vulnerability within the Cortado ThinPrint component. This flaw allows a malicious actor with normal access to a virtual machine to potentially exploit the vulnerability, leading to a partial denial-of-service condition or the unauthorized disclosure of memory from the TPView process on systems where Workstation or Horizon Client is installed. It is crucial for users to implement mitigations to safeguard against potential exploitation.",Vmware,Vmware Workstation And Horizon Client For Windows,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-09-16T16:14:01.000Z,0
CVE-2020-3986,https://securityvulnerability.io/vulnerability/CVE-2020-3986,Out-of-Bounds Read Vulnerability in VMware Workstation and Horizon Client,"VMware Workstation and Horizon Client for Windows have an out-of-bounds read vulnerability in the Cortado ThinPrint component's EMF Parser. A potential attacker with normal access to a virtual machine may exploit this issue, leading to a partial denial-of-service condition or unauthorized memory leakage from the TPView process on affected systems.",Vmware,Vmware Workstation And Horizon Client For Windows,6.1,MEDIUM,0.00044999999227002263,false,,false,false,false,,,false,false,,2020-09-16T16:13:54.000Z,0
CVE-2020-3961,https://securityvulnerability.io/vulnerability/CVE-2020-3961,Privilege Escalation Vulnerability in VMware Horizon Client for Windows,"A privilege escalation flaw exists in VMware Horizon Client for Windows versions before 5.4.3, stemming from improper folder permission settings and unsafe library loading practices. This vulnerability allows a local user, with access to the affected system, to execute commands with the privileges of any user, potentially leading to unauthorized actions or data exposure. It is crucial for users to update to the latest version to mitigate the risks associated with this vulnerability.",Vmware,Vmware Horizon Client For Windows,7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-06-15T15:18:29.000Z,0
CVE-2020-3951,https://securityvulnerability.io/vulnerability/CVE-2020-3951,Denial-of-Service Vulnerability in VMware Workstation and Horizon Client,"VMware Workstation and Horizon Client for Windows are susceptible to a denial-of-service attack due to a heap overflow vulnerability in Cortado Thinprint. This issue allows attackers with non-administrative access to a guest VM with virtual printing enabled to exploit the weakness, potentially leading to a denial-of-service condition affecting the Thinprint service on the host system. Users of the affected versions should apply the latest updates to mitigate this risk.",Vmware,Vmware Workstation And Horizon Client For Windows,3.8,LOW,0.0004400000034365803,false,,false,false,false,,,false,false,,2020-03-17T18:41:49.000Z,0
CVE-2019-5543,https://securityvulnerability.io/vulnerability/CVE-2019-5543,Writeable Configuration Directory in VMware Horizon Client and VMware Workstation,"In certain versions of VMware Horizon Client, VMware Remote Console, and VMware Workstation for Windows, a vulnerability exists where the folder containing configuration files for the VMware USB arbitration service is set to writable by all users. This misconfiguration allows a local user to modify configurations and potentially execute commands as any user on the system where the software is installed, posing a risk of unauthorized access and system integrity compromise.",Vmware,"Vmware Horizon Client For Windows,Vmware Remote Console For Windows,Vmware Workstation For Windows",7.8,HIGH,0.0004199999966658652,false,,false,false,false,,,false,false,,2020-03-16T17:24:55.000Z,0
CVE-2017-4948,https://securityvulnerability.io/vulnerability/CVE-2017-4948,,"VMware Workstation (14.x before 14.1.0 and 12.x) and Horizon View Client (4.x before 4.7.0) contain an out-of-bounds read vulnerability in TPView.dll. On Workstation, this issue in conjunction with other bugs may allow a guest to leak information from host or may allow for a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this issue in conjunction with other bugs may allow a View desktop to leak information from host or may allow for a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon Client For Windows",7.1,HIGH,0.0006500000017695129,false,,false,false,false,,,false,false,,2018-01-05T14:29:00.000Z,0
CVE-2017-4935,https://securityvulnerability.io/vulnerability/CVE-2017-4935,,"VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds write vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View Client.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.00203999993391335,false,,false,false,false,,,false,false,,2017-11-17T14:29:00.000Z,0
CVE-2017-4937,https://securityvulnerability.io/vulnerability/CVE-2017-4937,,"VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View Client.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0013299999991431832,false,,false,false,false,,,false,false,,2017-11-17T14:29:00.000Z,0
CVE-2017-4936,https://securityvulnerability.io/vulnerability/CVE-2017-4936,,"VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0013299999991431832,false,,false,false,false,,,false,false,,2017-11-16T00:00:00.000Z,0
CVE-2017-4908,https://securityvulnerability.io/vulnerability/CVE-2017-4908,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.00107999995816499,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0
CVE-2017-4912,https://securityvulnerability.io/vulnerability/CVE-2017-4912,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.000699999975040555,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0
CVE-2017-4911,https://securityvulnerability.io/vulnerability/CVE-2017-4911,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds write vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0008999999845400453,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0
CVE-2017-4910,https://securityvulnerability.io/vulnerability/CVE-2017-4910,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.00107999995816499,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0
CVE-2017-4909,https://securityvulnerability.io/vulnerability/CVE-2017-4909,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain a heap buffer-overflow vulnerability in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.000699999975040555,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0
CVE-2017-4913,https://securityvulnerability.io/vulnerability/CVE-2017-4913,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0