Vulnerabilities > High

DATE CVE VULNERABILITY TITLE RISK
2017-06-08 CVE-2017-4913 Integer Overflow or Wraparound vulnerability in VMWare Horizon View and Workstation
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain an integer-overflow vulnerability in the True Type Font parser in the TPView.dll.
local
high complexity
vmware CWE-190
7.8
2017-06-08 CVE-2017-4912 Out-of-bounds Read vulnerability in VMWare Horizon View and Workstation
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in TrueType Font (TTF) parser in the TPView.dll.
local
high complexity
vmware CWE-125
7.8
2017-06-08 CVE-2017-4911 Out-of-bounds Write vulnerability in VMWare Horizon View and Workstation
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds write vulnerabilities in JPEG2000 parser in the TPView.dll.
local
high complexity
vmware CWE-787
7.8
2017-06-08 CVE-2017-4910 Out-of-bounds Read vulnerability in VMWare Horizon View and Workstation
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple out-of-bounds read vulnerabilities in JPEG2000 parser in the TPView.dll.
local
high complexity
vmware CWE-125
7.8
2017-06-08 CVE-2017-4909 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Horizon View and Workstation
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain a heap buffer-overflow vulnerability in TrueType Font (TTF) parser in the TPView.dll.
local
high complexity
vmware CWE-119
7.8
2017-06-08 CVE-2017-4908 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in VMWare Horizon View and Workstation
VMware Workstation (12.x prior to 12.5.3) and Horizon View Client (4.x prior to 4.4.0) contain multiple heap buffer-overflow vulnerabilities in JPEG2000 parser in the TPView.dll.
local
high complexity
vmware CWE-119
7.8
2017-06-08 CVE-2017-7180 Unquoted Search Path or Element vulnerability in Eduiq NET Monitor for Employees
Net Monitor for Employees Pro through 5.3.4 has an unquoted service path, which allows a Security Feature Bypass of its documented "Block applications" design goal.
local
low complexity
eduiq CWE-428
7.3
2017-06-07 CVE-2016-4973 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in GNU Libssp
Binaries compiled against targets that use the libssp library in GCC for stack smashing protection (SSP) might allow local users to perform buffer overflow attacks by leveraging lack of the Object Size Checking feature.
local
low complexity
gnu CWE-119
7.8
2017-06-07 CVE-2015-8235 Path Traversal vulnerability in Call-Cc Spiffy
Directory traversal vulnerability in Spiffy before 5.4.
network
low complexity
call-cc CWE-22
7.5
2017-06-07 CVE-2015-6240 Link Following vulnerability in Redhat Ansible
The chroot, jail, and zone connection plugins in ansible before 1.9.2 allow local users to escape a restricted environment via a symlink attack.
local
low complexity
redhat CWE-59
7.8