Vulnerabilities > Vmware > Horizon Client > 5.0.0

DATE CVE VULNERABILITY TITLE RISK
2020-07-10 CVE-2020-3974 Unspecified vulnerability in VMWare Fusion, Horizon Client and Remote Console
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior before 11.2.0 ) and Horizon Client for Mac (5.x and prior before 5.4.3) contain a privilege escalation vulnerability due to improper XPC Client validation.
local
low complexity
vmware
7.8
7.8
2020-06-15 CVE-2020-3961 Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Horizon Client
VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries.
local
low complexity
vmware CWE-732
7.8
7.8
2020-05-29 CVE-2020-3957 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare Fusion, Horizon Client and Remote Console
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener.
local
high complexity
vmware CWE-367
7.0
7.0
2020-03-17 CVE-2020-3951 Out-of-bounds Write vulnerability in VMWare Horizon Client and Workstation
VMware Workstation (15.x before 15.5.2) and Horizon Client for Windows (5.x and prior before 5.4.0) contain a denial-of-service vulnerability due to a heap-overflow issue in Cortado Thinprint.
local
low complexity
vmware CWE-787
3.8
3.8
2020-03-17 CVE-2020-3950 Improper Privilege Management vulnerability in VMWare Fusion, Horizon Client and Remote Console
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries.
local
low complexity
vmware CWE-269
7.8
7.8
2020-03-16 CVE-2019-5543 Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Horizon Client, Remote Console and Workstation
For VMware Horizon Client for Windows (5.x and prior before 5.3.0), VMware Remote Console for Windows (10.x before 11.0.0), VMware Workstation for Windows (15.x before 15.5.2) the folder containing configuration files for the VMware USB arbitration service was found to be writable by all users.
local
low complexity
vmware CWE-732
7.8
7.8