Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horizon vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2022-1655
An Incorrect Permission Assignment for Critical Resource flaw was found in Horizon on Red Hat OpenStack. Horizon session cookies are created without the HttpOnly flag despite HorizonSecureCookies being set to true in the environmental files, possibly leading to a loss of confiden...
Redhat Openstack 16.2
NA
CVE-2022-22217
An Improper Check for Unusual or Exceptional Conditions vulnerability in the Packet Forwarding Engine (PFE) of Juniper Networks Junos OS allows an adjacent unauthenticated malicious user to cause a Denial of Service (DoS). The issue is caused by malformed MLD packets looping on a...
Juniper Junos 19.1
Juniper Junos 19.2
Juniper Junos 19.3
Juniper Junos 19.4
Juniper Junos 20.1
Juniper Junos
Juniper Junos 20.2
Juniper Junos 20.3
Juniper Junos 20.4
Juniper Junos 21.1
Juniper Junos 21.2
Juniper Junos 21.3
9.3
CVSSv2
CVE-2022-29875
A vulnerability has been identified in Biograph Horizon PET/CT Systems (All VJ30 versions < VJ30C-UD01), MAGNETOM Family (NUMARIS X: VA12M, VA12S, VA10B, VA20A, VA30A, VA31A), MAMMOMAT Revelation (All VC20 versions < VC20D), NAEOTOM Alpha (All VA40 versions < VA40 SP2), ...
Siemens Biograph Horizon Pet\\/ct Systems Firmware
Siemens Magnetom Numaris X Firmware Va12m
Siemens Magnetom Numaris X Firmware Va12s
Siemens Magnetom Numaris X Firmware Va10b
Siemens Magnetom Numaris X Firmware Va20a
Siemens Magnetom Numaris X Firmware Va30a
Siemens Magnetom Numaris X Firmware Va31a
Siemens Mammomat Revelation Firmware
Siemens Naeotom Alpha Firmware Va40
Siemens Somatom X.cite Firmware
Siemens Somatom X.cite Firmware Va30
Siemens Somatom X.cite Firmware Va40
Siemens Somatom X.creed Firmware
Siemens Somatom X.creed Firmware Va30
Siemens Somatom X.creed Firmware Va40
Siemens Somatom Go.all Firmware
Siemens Somatom Go.all Firmware Va30
Siemens Somatom Go.all Firmware Va40
Siemens Somatom Go.now Firmware
Siemens Somatom Go.now Firmware Va30
Siemens Somatom Go.now Firmware Va40
Siemens Somatom Go.open Pro Firmware
7.5
CVSSv2
CVE-2022-22956
VMware Workspace ONE Access has two authentication bypass vulnerabilities (CVE-2022-22955 & CVE-2022-22956) in the OAuth2 ACS framework. A malicious actor may bypass the authentication mechanism and execute any operation due to exposed endpoints in the authentication framewor...
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware Vrealize Automation
Vmware Vrealize Automation 7.6
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Workspace One Access 21.08.0.1
1 Metasploit module
6.5
CVSSv2
CVE-2022-22957
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain two remote code execution vulnerabilities (CVE-2022-22957 & CVE-2022-22958). A malicious actor with administrative access can trigger deserialization of untrusted data through malicious JDBC URI whi...
Vmware Cloud Foundation
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware Vrealize Automation
Vmware Vrealize Automation 7.6
Vmware Vrealize Suite Lifecycle Manager
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Workspace One Access 21.08.0.1
1 Metasploit module
7.2
CVSSv2
CVE-2022-22960
VMware Workspace ONE Access, Identity Manager and vRealize Automation contain a privilege escalation vulnerability due to improper permissions in support scripts. A malicious actor with local access can escalate privileges to 'root'.
Vmware Cloud Foundation
Vmware Identity Manager 3.3.3
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Identity Manager 3.3.6
Vmware Vrealize Automation
Vmware Vrealize Automation 7.6
Vmware Vrealize Suite Lifecycle Manager
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Workspace One Access 21.08.0.1
1 Article
10
CVSSv2
CVE-2022-22954
VMware Workspace ONE Access and Identity Manager contain a remote code execution vulnerability due to server-side template injection. A malicious actor with network access can trigger a server-side template injection that may result in remote code execution.
Vmware Identity Manager 3.3.3
Vmware Vrealize Automation 7.6
Vmware Identity Manager 3.3.4
Vmware Identity Manager 3.3.5
Vmware Vrealize Automation
Vmware Identity Manager 3.3.6
Vmware Workspace One Access 20.10.0.1
Vmware Workspace One Access 20.10.0.0
Vmware Workspace One Access 21.08.0.1
Vmware Workspace One Access 21.08.0.0
Vmware Vrealize Suite Lifecycle Manager
Vmware Cloud Foundation
1 Metasploit module
25 Github repositories
3 Articles
7.2
CVSSv2
CVE-2022-22962
VMware Horizon Agent for Linux (before 22.x) contains a local privilege escalation as a user is able to change the default shared folder location due to a vulnerable symbolic link. Successful exploitation can result in linking to a root owned file.
Vmware Horizon
7.2
CVSSv2
CVE-2022-22964
VMware Horizon Agent for Linux (before 22.x) contains a local privilege escalation that allows a user to escalate to root due to a vulnerable configuration file.
Vmware Horizon
2.1
CVSSv2
CVE-2022-22938
VMware Workstation (16.x before 16.2.2) and Horizon Client for Windows (5.x before 5.5.3) contains a denial-of-service vulnerability in the Cortado ThinPrint component. The issue exists in TrueType font parser. A malicious actor with access to a virtual machine or remote desktop ...
Vmware Workstation
Vmware Horizon
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38002
CVE-2006-4304
CVE-2024-4336
CVE-2024-33437
CVE-2024-4340
CVE-2024-27956
privilege
insecure direct object reference
XSS
item search icon">CVE-2024-25938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »