|
250541
|
7.8 |
HIGH
Local
|
vmware
|
workstation
horizon_view
|
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this m…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-4937
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250542
|
7.8 |
HIGH
Local
|
vmware
|
workstation
horizon_view
|
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds read vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this m…
|
CWE-125
Out-of-bounds Read
|
CVE-2017-4936
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250543
|
8.8 |
HIGH
Local
|
vmware
|
workstation
fusion
|
VMware Workstation (12.x before 12.5.8) and Fusion (8.x before 8.5.9) contain a heap buffer-overflow vulnerability in VMNAT device. This issue may allow a guest to execute code on the host.
|
CWE-119
Incorrect Access of Indexable Resource ('Range Error')
|
CVE-2017-4934
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250544
|
6.1 |
MEDIUM
Network
|
vmware
|
nsx_edge
|
VMware NSX Edge (6.2.x before 6.2.9 and 6.3.x before 6.3.5) contains a moderate Cross-Site Scripting (XSS) issue which may lead to information disclosure.
|
CWE-79
Cross-site Scripting
|
CVE-2017-4929
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250545
|
7.5 |
HIGH
Network
|
vmware
|
vcenter_server
|
The flash-based vSphere Web Client (6.0 prior to 6.0 U3c and 5.5 prior to 5.5 U3f) i.e. not the new HTML5-based vSphere Client, contains SSRF and CRLF injection issues due to improper neutralization …
|
CWE-352
CWE-918
Origin Validation Error
Server-Side Request Forgery (SSRF)
|
CVE-2017-4928
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250546
|
7.5 |
HIGH
Network
|
vmware
|
vcenter_server
|
VMware vCenter Server (6.5 prior to 6.5 U1 and 6.0 prior to 6.0 U3c) does not correctly handle specially crafted LDAP network packets which may allow for remote denial of service.
|
CWE-90
LDAP Injection
|
CVE-2017-4927
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250547
|
7.8 |
HIGH
Local
|
vmware
|
workstation
horizon_view
|
VMware Workstation (12.x before 12.5.8) and Horizon View Client for Windows (4.x before 4.6.1) contain an out-of-bounds write vulnerability in JPEG2000 parser in the TPView.dll. On Workstation, this …
|
CWE-787
Out-of-bounds Write
|
CVE-2017-4935
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250548
|
7.8 |
HIGH
Local
|
vmware
|
airwatch_launcher
|
VMware AirWatch Launcher for Android prior to 3.2.2 contains a vulnerability that could allow an escalation of privilege from the launcher UI context menu to native UI functionality and privilege. Su…
|
NVD-CWE-noinfo
|
CVE-2017-4932
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250549
|
7.8 |
HIGH
Local
|
vmware
|
airwatch
|
VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add malicious data to an enrolled device's log files. Successful exploitation of this…
|
CWE-20
Improper Input Validation
|
CVE-2017-4931
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
|
250550
|
5.4 |
MEDIUM
Network
|
vmware
|
airwatch
|
VMware AirWatch Console 9.x prior to 9.2.0 contains a vulnerability that could allow an authenticated AWC user to add a malicious URL to an enrolled device's 'Links' page. Successful exploitation of …
|
CWE-79
Cross-site Scripting
|
CVE-2017-4930
|
2024-11-21 12:26 |
2017-11-17 |
Show
|
GitHub
Exploit DB
Packet Storm
|
|
|
