cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2021-21978,https://securityvulnerability.io/vulnerability/CVE-2021-21978,Remote Code Execution Vulnerability in VMware View Planner,"VMware View Planner versions prior to 4.6 Security Patch 1 are affected by a vulnerability that allows an unauthorized attacker to execute arbitrary code. This issue arises from improper validation of user input and inadequate authorization checks, particularly within the logupload web application. An attacker with network access to the View Planner Harness can exploit this vulnerability by uploading a specially crafted file, resulting in unauthorized remote code execution in the logupload container.",Vmware,Vmware View Planner,9.8,CRITICAL,0.973580002784729,false,,false,false,true,2021-03-05T08:15:27.000Z,true,false,false,,2021-03-03T17:44:25.000Z,0
CVE-2019-5539,https://securityvulnerability.io/vulnerability/CVE-2019-5539,DLL Hijacking Vulnerability in VMware Workstation and Horizon View Agent,"VMware Workstation and Horizon View Agent are susceptible to a DLL hijacking vulnerability triggered by the insecure loading of a dynamic link library (DLL) via Cortado Thinprint. This flaw allows attackers with standard user privileges to gain elevated access rights, potentially escalating their permissions to administrator level on affected Windows machines. Exploitations of this vulnerability pose significant risks to system security and integrity, especially in environments where these products are deployed.",Vmware,"Vmware Workstation,Horizon View Agent",7.8,HIGH,0.0005499999970197678,false,,false,false,false,,,false,false,,2019-12-23T19:20:50.000Z,0
CVE-2018-6971,https://securityvulnerability.io/vulnerability/CVE-2018-6971,,VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations). Successful exploitation of this issue may allow low privileged users access to the credentials specified during the Horizon View Agent installation.,Vmware,Horizon View Agent,7.8,HIGH,0.0004400000034365803,false,,false,false,false,,,false,false,,2018-07-19T00:00:00.000Z,0
CVE-2017-4935,https://securityvulnerability.io/vulnerability/CVE-2017-4935,,"VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds write vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View Client.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.00203999993391335,false,,false,false,false,,,false,false,,2017-11-17T14:29:00.000Z,0
CVE-2017-4937,https://securityvulnerability.io/vulnerability/CVE-2017-4937,,"VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View Client.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0013299999991431832,false,,false,false,false,,,false,false,,2017-11-17T14:29:00.000Z,0
CVE-2017-4936,https://securityvulnerability.io/vulnerability/CVE-2017-4936,,"VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0013299999991431832,false,,false,false,false,,,false,false,,2017-11-16T00:00:00.000Z,0
CVE-2017-4918,https://securityvulnerability.io/vulnerability/CVE-2017-4918,,"VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed.",Vmware,Horizon View Client For Mac,9.8,CRITICAL,0.0033400000538676977,false,,false,false,false,,,false,false,,2017-06-08T19:00:00.000Z,0
CVE-2017-4912,https://securityvulnerability.io/vulnerability/CVE-2017-4912,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.000699999975040555,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0
CVE-2017-4908,https://securityvulnerability.io/vulnerability/CVE-2017-4908,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.00107999995816499,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0
CVE-2017-4909,https://securityvulnerability.io/vulnerability/CVE-2017-4909,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain a heap buffer-overflow vulnerability in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.000699999975040555,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0
CVE-2017-4910,https://securityvulnerability.io/vulnerability/CVE-2017-4910,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.00107999995816499,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0
CVE-2017-4911,https://securityvulnerability.io/vulnerability/CVE-2017-4911,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds write vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0008999999845400453,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0
CVE-2017-4913,https://securityvulnerability.io/vulnerability/CVE-2017-4913,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0
CVE-2017-4907,https://securityvulnerability.io/vulnerability/CVE-2017-4907,,"VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway.",Vmware,"Unified Access Gateway,Horizon View",9.8,CRITICAL,0.03692999854683876,false,,false,false,false,,,false,false,,2017-06-08T13:00:00.000Z,0
CVE-2016-7087,https://securityvulnerability.io/vulnerability/CVE-2016-7087,,"Directory traversal vulnerability in the Connection Server in VMware Horizon View 5.x before 5.3.7, 6.x before 6.2.3, and 7.x before 7.0.1 allows remote attackers to obtain sensitive information via unspecified vectors.",Vmware,Horizon View,5.3,MEDIUM,0.09092000126838684,false,,false,false,false,,,false,false,,2016-12-29T09:02:00.000Z,0
CVE-2015-2338,https://securityvulnerability.io/vulnerability/CVE-2015-2338,,"TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339.",Vmware,"Horizon Client,Horizon View Client",,,0.0014700000174343586,false,,false,false,false,,,false,false,,2015-06-13T14:00:00.000Z,0
CVE-2015-2340,https://securityvulnerability.io/vulnerability/CVE-2015-2340,,"TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors.",Vmware,"Horizon Client,Horizon View Client",,,0.0014700000174343586,false,,false,false,false,,,false,false,,2015-06-13T14:00:00.000Z,0
CVE-2015-2339,https://securityvulnerability.io/vulnerability/CVE-2015-2339,,"TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2338.",Vmware,"Horizon Client,Horizon View Client",,,0.0014700000174343586,false,,false,false,false,,,false,false,,2015-06-13T14:00:00.000Z,0
CVE-2012-5978,https://securityvulnerability.io/vulnerability/CVE-2012-5978,,Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors.,Vmware,View,,,0.002689999993890524,false,,false,false,false,,,false,false,,2012-12-19T11:00:00.000Z,0
CVE-2012-1511,https://securityvulnerability.io/vulnerability/CVE-2012-1511,,Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.,Vmware,View,,,0.002739999908953905,false,,false,false,false,,,false,false,,2012-03-16T20:00:00.000Z,0
CVE-2012-1510,https://securityvulnerability.io/vulnerability/CVE-2012-1510,,"Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.",Vmware,"Esxi,Esx,View",,,0.0007699999841861427,false,,false,false,false,,,false,false,,2012-03-16T20:00:00.000Z,0
CVE-2012-1509,https://securityvulnerability.io/vulnerability/CVE-2012-1509,,Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.,Vmware,View,,,0.0007699999841861427,false,,false,false,false,,,false,false,,2012-03-16T20:00:00.000Z,0
CVE-2012-1508,https://securityvulnerability.io/vulnerability/CVE-2012-1508,,"The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.",Vmware,"Esxi,Esx,View",,,0.0006200000061653554,false,,false,false,false,,,false,false,,2012-03-16T20:00:00.000Z,0
CVE-2010-1143,https://securityvulnerability.io/vulnerability/CVE-2010-1143,,Cross-site scripting (XSS) vulnerability in VMware View (formerly Virtual Desktop Manager or VDM) 3.1.x before 3.1.3 build 252693 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.,Vmware,View Manager,,,0.0033100000582635403,false,,false,false,false,,,false,false,,2010-05-07T17:43:00.000Z,0