Vulnerabilities > Vmware > Horizon Client > High

DATE CVE VULNERABILITY TITLE RISK
2020-10-16 CVE-2020-3991 Unspecified vulnerability in VMWare Horizon Client
VMware Horizon Client for Windows (5.x before 5.5.0) contains a denial-of-service vulnerability due to a file system access control issue during install time.
local
low complexity
vmware
7.1
7.1
2020-07-10 CVE-2020-3974 Unspecified vulnerability in VMWare Fusion, Horizon Client and Remote Console
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior before 11.2.0 ) and Horizon Client for Mac (5.x and prior before 5.4.3) contain a privilege escalation vulnerability due to improper XPC Client validation.
local
low complexity
vmware
7.8
7.8
2020-06-15 CVE-2020-3961 Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Horizon Client
VMware Horizon Client for Windows (prior to 5.4.3) contains a privilege escalation vulnerability due to folder permission configuration and unsafe loading of libraries.
local
low complexity
vmware CWE-732
7.8
7.8
2020-05-29 CVE-2020-3957 Time-of-check Time-of-use (TOCTOU) Race Condition vulnerability in VMWare Fusion, Horizon Client and Remote Console
VMware Fusion (11.x before 11.5.5), VMware Remote Console for Mac (11.x and prior) and VMware Horizon Client for Mac (5.x and prior) contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use (TOCTOU) issue in the service opener.
local
high complexity
vmware CWE-367
7.0
7.0
2020-03-17 CVE-2020-3950 Improper Privilege Management vulnerability in VMWare Fusion, Horizon Client and Remote Console
VMware Fusion (11.x before 11.5.2), VMware Remote Console for Mac (11.x and prior before 11.0.1) and Horizon Client for Mac (5.x and prior before 5.4.0) contain a privilege escalation vulnerability due to improper use of setuid binaries.
local
low complexity
vmware CWE-269
7.8
7.8
2020-03-16 CVE-2019-5543 Incorrect Permission Assignment for Critical Resource vulnerability in VMWare Horizon Client, Remote Console and Workstation
For VMware Horizon Client for Windows (5.x and prior before 5.3.0), VMware Remote Console for Windows (10.x before 11.0.0), VMware Workstation for Windows (15.x before 15.5.2) the folder containing configuration files for the VMware USB arbitration service was found to be writable by all users.
local
low complexity
vmware CWE-732
7.8
7.8
2018-05-29 CVE-2018-6964 Unspecified vulnerability in VMWare Horizon Client
VMware Horizon Client for Linux (4.x before 4.8.0 and prior) contains a local privilege escalation vulnerability due to insecure usage of SUID binary.
local
low complexity
vmware
7.8
7.8