Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
horizon vulnerabilities and exploits
(subscribe to this query)
7.2
CVSSv2
CVE-2020-3950
VMware Fusion (11.x prior to 11.5.2), VMware Remote Console for Mac (11.x and prior prior to 11.0.1) and Horizon Client for Mac (5.x and prior prior to 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries. Successful exploitation of this issu...
Vmware Fusion
Vmware Horizon Client
Vmware Remote Console
1 EDB exploit
2.1
CVSSv2
CVE-2020-3951
VMware Workstation (15.x prior to 15.5.2) and Horizon Client for Windows (5.x and prior prior to 5.4.0) contain a denial-of-service vulnerability due to a heap-overflow issue in Cortado Thinprint. Attackers with non-administrative access to a guest VM with virtual printing enable...
Vmware Horizon Client
Vmware Workstation
7.2
CVSSv2
CVE-2019-5543
For VMware Horizon Client for Windows (5.x and prior prior to 5.3.0), VMware Remote Console for Windows (10.x prior to 11.0.0), VMware Workstation for Windows (15.x prior to 15.5.2) the folder containing configuration files for the VMware USB arbitration service was found to be w...
Vmware Horizon Client
Vmware Remote Console
Vmware Workstation
1 Article
5
CVSSv2
CVE-2020-3944
vRealize Operations for Horizon Adapter (6.7.x before 6.7.1 and 6.6.x before 6.6.1) has an improper trust store configuration leading to authentication bypass. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may ...
Vmware Vrealize Operations
5
CVSSv2
CVE-2020-3945
vRealize Operations for Horizon Adapter (6.7.x before 6.7.1 and 6.6.x before 6.6.1) contains an information disclosure vulnerability due to incorrect pairing implementation between the vRealize Operations for Horizon Adapter and Horizon View. An unauthenticated remote attacker wh...
Vmware Vrealize Operations
7.5
CVSSv2
CVE-2020-3943
vRealize Operations for Horizon Adapter (6.7.x before 6.7.1 and 6.6.x before 6.6.1) uses a JMX RMI service which is not securely configured. An unauthenticated remote attacker who has network access to vRealize Operations, with the Horizon Adapter running, may be able to execute ...
Vmware Vrealize Operations
2.1
CVSSv2
CVE-2012-5476
Within the RHOS Essex Preview (2012.2) of the OpenStack dashboard package, the file /etc/quantum/quantum.conf is world readable which exposes the admin password and token value.
Openstack Horizon 2012.2
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
2.1
CVSSv2
CVE-2012-5474
The file /etc/openstack-dashboard/local_settings within Red Hat OpenStack Platform 2.0 and RHOS Essex Release (python-django-horizon package prior to 2012.1.1) is world readable and exposes the secret key value.
Redhat Openstack 2.0
Openstack Horizon
Debian Debian Linux 8.0
Debian Debian Linux 9.0
Debian Debian Linux 10.0
Fedoraproject Fedora 18
4.4
CVSSv2
CVE-2019-5539
VMware Workstation (15.x before 15.5.1) and Horizon View Agent (7.10.x before 7.10.1 and 7.5.x before 7.5.4) contain a DLL hijacking vulnerability due to insecure loading of a DLL by Cortado Thinprint. Successful exploitation of this issue may allow attackers with normal user pri...
Vmware Horizon View Agent
Vmware Workstation
7.5
CVSSv2
CVE-2019-5544
OpenSLP as used in ESXi and the Horizon DaaS appliances has a heap overwrite issue. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8.
Vmware Esxi 6.0
Vmware Esxi 6.5
Vmware Esxi 6.7
Vmware Horizon Daas
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Server 7.0
Redhat Enterprise Linux Server Eus 7.7
Redhat Enterprise Linux Server Aus 7.7
Redhat Enterprise Linux Server Tus 7.7
Openslp Openslp 1.2.1
Openslp Openslp 2.0.0
Fedoraproject Fedora 30
Fedoraproject Fedora 31
2 Github repositories
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
firmware
CVE-2023-52866
CVE-2024-4367
CVE-2024-1721
CVE-2023-34992
XML injection
CVE-2023-52817
SQL
CVE-2023-52855
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
2
3
4
5
6
7
8
9
10
NEXT »