cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2021-21978,https://securityvulnerability.io/vulnerability/CVE-2021-21978,,VMware View Planner 4.x prior to 4.6 Security Patch 1 contains a remote code execution vulnerability. Improper input validation and lack of authorization leading to arbitrary file upload in logupload web application. An unauthorized attacker with network access to View Planner Harness could upload and execute a specially crafted file leading to remote code execution within the logupload container.,Vmware,Vmware View Planner,9.8,CRITICAL,0.9726600050926208,false,false,false,true,true,false,false,2021-03-03T17:44:25.000Z,0
CVE-2019-5539,https://securityvulnerability.io/vulnerability/CVE-2019-5539,,VMware Workstation (15.x prior to 15.5.1) and Horizon View Agent (7.10.x prior to 7.10.1 and 7.5.x prior to 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user privileges to escalate their privileges to administrator on a Windows machine where Workstation or View Agent is installed.,Vmware,"Vmware Workstation,Horizon View Agent",7.8,HIGH,0.0005499999970197678,false,false,false,false,,false,false,2019-12-23T19:20:50.000Z,0
CVE-2018-6971,https://securityvulnerability.io/vulnerability/CVE-2018-6971,,VMware Horizon View Agents (7.x.x before 7.5.1) contain a local information disclosure vulnerability due to insecure logging of credentials in the vmmsi.log file when an account other than the currently logged on user is specified during installation (including silent installations). Successful exploitation of this issue may allow low privileged users access to the credentials specified during the Horizon View Agent installation.,Vmware,Horizon View Agent,7.8,HIGH,0.0004400000034365803,false,false,false,false,,false,false,2018-07-19T00:00:00.000Z,0
CVE-2017-4935,https://securityvulnerability.io/vulnerability/CVE-2017-4935,,"VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds write vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View Client.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0014299999456852674,false,false,false,false,,false,false,2017-11-17T14:29:00.000Z,0
CVE-2017-4937,https://securityvulnerability.io/vulnerability/CVE-2017-4937,,"VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View Client.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0013299999991431832,false,false,false,false,,false,false,2017-11-17T14:29:00.000Z,0
CVE-2017-4936,https://securityvulnerability.io/vulnerability/CVE-2017-4936,,"VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0013299999991431832,false,false,false,false,,false,false,2017-11-16T00:00:00.000Z,0
CVE-2017-4918,https://securityvulnerability.io/vulnerability/CVE-2017-4918,,"VMware Horizon View Client (2.x, 3.x and 4.x prior to 4.5.0) contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client is installed.",Vmware,Horizon View Client For Mac,9.8,CRITICAL,0.0033400000538676977,false,false,false,false,,false,false,2017-06-08T19:00:00.000Z,0
CVE-2017-4913,https://securityvulnerability.io/vulnerability/CVE-2017-4913,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0006300000241026282,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0
CVE-2017-4912,https://securityvulnerability.io/vulnerability/CVE-2017-4912,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.000699999975040555,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0
CVE-2017-4911,https://securityvulnerability.io/vulnerability/CVE-2017-4911,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds write vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.0008999999845400453,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0
CVE-2017-4908,https://securityvulnerability.io/vulnerability/CVE-2017-4908,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.00107999995816499,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0
CVE-2017-4910,https://securityvulnerability.io/vulnerability/CVE-2017-4910,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.00107999995816499,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0
CVE-2017-4909,https://securityvulnerability.io/vulnerability/CVE-2017-4909,,"VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain a heap buffer-overflow vulnerability in TrueType Font (TTF) parser in the TPView.dll. On Workstation, this may allow a guest to execute code or perform a Denial of Service on the Windows OS that runs Workstation. In the case of a Horizon View Client, this may allow a View desktop to execute code or perform a Denial of Service on the Windows OS that runs the Horizon View Client. Exploitation is only possible if virtual printing has been enabled. This feature is not enabled by default on Workstation but it is enabled by default on Horizon View.",Vmware,"Workstation,Horizon View Client For Windows",7.8,HIGH,0.000699999975040555,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0
CVE-2017-4907,https://securityvulnerability.io/vulnerability/CVE-2017-4907,,"VMware Unified Access Gateway (2.5.x, 2.7.x, 2.8.x prior to 2.8.1) and Horizon View (7.x prior to 7.1.0, 6.x prior to 6.2.4) contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway.",Vmware,"Unified Access Gateway,Horizon View",9.8,CRITICAL,0.03692999854683876,false,false,false,false,,false,false,2017-06-08T13:00:00.000Z,0
CVE-2016-7087,https://securityvulnerability.io/vulnerability/CVE-2016-7087,,"Directory traversal vulnerability in the Connection Server in VMware Horizon View 5.x before 5.3.7, 6.x before 6.2.3, and 7.x before 7.0.1 allows remote attackers to obtain sensitive information via unspecified vectors.",Vmware,Horizon View,5.3,MEDIUM,0.08128000050783157,false,false,false,false,,false,false,2016-12-29T09:02:00.000Z,0
CVE-2015-2340,https://securityvulnerability.io/vulnerability/CVE-2015-2340,,"TPInt.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors.",Vmware,"Horizon Client,Horizon View Client",,,0.0014700000174343586,false,false,false,false,,false,false,2015-06-13T14:00:00.000Z,0
CVE-2015-2338,https://securityvulnerability.io/vulnerability/CVE-2015-2338,,"TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2339.",Vmware,"Horizon Client,Horizon View Client",,,0.0014700000174343586,false,false,false,false,,false,false,2015-06-13T14:00:00.000Z,0
CVE-2015-2339,https://securityvulnerability.io/vulnerability/CVE-2015-2339,,"TPview.dll in VMware Workstation 10.x before 10.0.6 and 11.x before 11.1.1, VMware Player 6.x before 6.0.6 and 7.x before 7.1.1, and VMware Horizon Client 3.2.x before 3.2.1, 3.3.x, and 5.x local-mode before 5.4.2 on Windows does not properly allocate memory, which allows guest OS users to cause a host OS denial of service via unspecified vectors, a different vulnerability than CVE-2015-2338.",Vmware,"Horizon Client,Horizon View Client",,,0.0014700000174343586,false,false,false,false,,false,false,2015-06-13T14:00:00.000Z,0
CVE-2012-5978,https://securityvulnerability.io/vulnerability/CVE-2012-5978,,Multiple directory traversal vulnerabilities in the (1) View Connection Server and (2) View Security Server in VMware View 4.x before 4.6.2 and 5.x before 5.1.2 allow remote attackers to read arbitrary files via unspecified vectors.,Vmware,View,,,0.002689999993890524,false,false,false,false,,false,false,2012-12-19T11:00:00.000Z,0
CVE-2012-1511,https://securityvulnerability.io/vulnerability/CVE-2012-1511,,Cross-site scripting (XSS) vulnerability in View Manager Portal in VMware View before 4.6.1 allows remote attackers to inject arbitrary web script or HTML via a crafted URL.,Vmware,View,,,0.002739999908953905,false,false,false,false,,false,false,2012-03-16T20:00:00.000Z,0
CVE-2012-1508,https://securityvulnerability.io/vulnerability/CVE-2012-1508,,"The XPDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges or cause a denial of service (NULL pointer dereference) via unspecified vectors.",Vmware,"Esxi,Esx,View",,,0.0006200000061653554,false,false,false,false,,false,false,2012-03-16T20:00:00.000Z,0
CVE-2012-1509,https://securityvulnerability.io/vulnerability/CVE-2012-1509,,Buffer overflow in the XPDM display driver in VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.,Vmware,View,,,0.0007699999841861427,false,false,false,false,,false,false,2012-03-16T20:00:00.000Z,0
CVE-2012-1510,https://securityvulnerability.io/vulnerability/CVE-2012-1510,,"Buffer overflow in the WDDM display driver in VMware ESXi 4.0, 4.1, and 5.0; VMware ESX 4.0 and 4.1; and VMware View before 4.6.1 allows guest OS users to gain guest OS privileges via unspecified vectors.",Vmware,"Esxi,Esx,View",,,0.0007699999841861427,false,false,false,false,,false,false,2012-03-16T20:00:00.000Z,0
CVE-2010-1143,https://securityvulnerability.io/vulnerability/CVE-2010-1143,,Cross-site scripting (XSS) vulnerability in VMware View (formerly Virtual Desktop Manager or VDM) 3.1.x before 3.1.3 build 252693 allows remote attackers to inject arbitrary web script or HTML via unspecified vectors.,Vmware,View Manager,,,0.0033100000582635403,false,false,false,false,,false,false,2010-05-07T17:43:00.000Z,0