Lucene search
K

Vulnerabilities fixed in VMware products

🗓️ 21 May 2025 13:08:22Reported by NCSCType 
ncsc
 ncsc
🔗 advisories.ncsc.nl👁 9 Views

Broadcom fixed vCenter Server command execution, ESXi denial of service by guest users, and cross-site scripting; updates released.

Related
Detection
Refs
ReporterTitlePublishedViews
Family
IBM Security Bulletins
Security Bulletin: IBM Cloud Pak System is vulnerable to an authenticated command-execution due to use of VMWare vCenter [CVE-2025-41225].
29 Jul 202512:00
ibm
IBM Security Bulletins
Security Bulletin: Multiple Vulnerabilities in VMware ESXi affect IBM Cloud Pak System
30 Jan 202616:53
ibm
BDU FSTEC
The vulnerability of the software for managing VMware vCenter Server’s virtual infrastructure lies in the lack of measures taken to neutralize special elements used in the operating system commands, allowing attackers to execute arbitrary commands.
21 May 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of VMware ESXi, Workstation, Fusion, and Cloud Foundation software-related to uncontrolled resource consumption allows attackers to trigger service failures.
25 Aug 202500:00
bdu_fstec
BDU FSTEC
The vulnerability of VMware ESXi and Cloud Foundation software lies in their uncontrolled resource consumption, which allows attackers to trigger service failures.
25 Aug 202500:00
bdu_fstec
BDU FSTEC
The vulnerabilities of VMware ESXi, VMware vCenter Server, and Cloud Foundation software stem from the lack of protective measures for the website structure, allowing attackers to execute cross-site scripting (XSS) attacks.
25 Aug 202500:00
bdu_fstec
Circl
CVE-2025-41225
20 May 202514:48
circl
Circl
CVE-2025-41226
20 May 202514:48
circl
Circl
CVE-2025-41227
20 May 202514:48
circl
Circl
CVE-2025-41228
20 May 202514:48
circl
Rows per page
Vulners

Data

Build on a solid foundation with Vulners data

We provide the essential building blocks for cybersecurity solutions with comprehensive, structured, and constantly updated vulnerability and exploits data

Api

Power your application with Vulners API

The Vulners REST API offers reliable, high-performance access to vulnerability intelligence, with 99.9% SLA uptime and CDN-backed data delivery for seamless global access

App

Assess and manage vulnerabilities with Vulners tools

Built on top of Vulners' database and SDK, end-user solutions give security professionals and developers lightweight and powerful tools for vulnerability remediation

21 May 2025 13:08Current
6.8Medium risk
Vulners AI Score6.8
CVSS 3.18.8
EPSS0.00785
SSVC
9