Ubuntu 20.04 LTS / 22.04 LTS : Linux kernel vulnerabilities (USN-7793-1)

The remote Ubuntu 20.04 LTS / 22.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7793-1 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

VMware Tools 11.x < 12.5.4 / 13.x < 13.0.5 Multiple Vulnerabilities (VMSA-2025-0015)

The version of VMware Tools installed on the remote host is 11.x or 12.x prior to 12.5.4, or 13.x prior to 13.0.5. It is, therefore, affected by multiple vulnerabilities as disclosed in the VMSA-2025-0015 advisory: - VMware Aria Operations and VMware Tools contain a local privilege escalation...

USN-7774-4: Linux kernel (KVM) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

USN-7789-1: Linux kernel (Oracle) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

USN-7789-1 linux-oracle-6.14 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - Block layer subsystem; - Cryptographic API; - ACP...

UBUNTU-CVE-2022-50440

In the Linux kernel, the following vulnerability has been resolved: drm/vmwgfx: Validate the box size for the snooped cursor Invalid userspace dma surface copies could potentially overflow the memcpy from the surface to the snooped image leading to crashes. To fix it the dimensions of the copybox...

USN-7775-3: Linux kernel (Azure) vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - ARM64 architecture; - PowerPC architecture; - x86 architecture; - ACPI drivers; - Serial ATA and Parallel ATA...

CVE-2025-41244

A flaw was found in VMWare open-vm-tools. A malicious actor with non-administrative privileges on a guest Virtual Machine VM could exploit this vulnerability to gain root privileges on the VM. The issue lies in the service-discovery plugin logic, which can execute attacker-controlled binaries fro...

VMware Tools and VMware Aria Operations Elevation of Privilege Vulnerability

VMware Tools and VMware Aria Operations are both products of VMware, Inc. VMware Tools is an enhancement tool that comes with VMWare virtual machines and is a driver provided by VMware to enhance the performance of virtual graphics cards and hard drives, as well as to synchronize the clocks of th...

VMware Tools for Windows Access Control Error Vulnerability

VMware Tools for Windows is a set of Windows-based, VMWare virtual machine enhancement tools from VMware, which are drivers provided by VMware to enhance the performance of virtual graphics cards and hard disks, as well as to synchronize the clocks of the virtual machine with those of the host. A...

VMware Aria Operations Information Disclosure Vulnerability

VMware Aria Operations is a unified, artificial intelligence-driven, self-driving IT operations management platform for private, hybrid and multi-cloud environments from VMware. VMware Aria Operations has a security vulnerability that could be exploited by an attacker to disclose other users'...

VMware vCenter SMTP Header Injection Vulnerability

VMware vCenter is a virtualization management software from VMware. An SMTP header injection vulnerability exists in VMware vCenter, which can be exploited by an attacker to manipulate notification emails for scheduled tasks...

VMware Cloud Foundation and VMware NSX Username Enumeration Vulnerability

VMware Cloud Foundation and VMware NSX are both products of VMware, Inc. VMware Cloud Foundation is an all-in-one hybrid cloud platform that includes capabilities for operations automation and infrastructure auto-configuration and integrated lifecycle management. VMware Cloud Foundation is an...

VMware NSX Weak Password Recovery Mechanism Vulnerability

VMware NSX is a network virtualization solution within VMware Cloud Foundation that enables administrators to deploy legacy and modern applications in a private/hybrid cloud.VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware, Inc. The platform includes features such as...

SUSE CVE-2025-41244

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate...

CVE-2025-41251

VMware NSX contains a weak password recovery mechanism vulnerability. An unauthenticated malicious actor may exploit this to enumerate valid usernames, potentially enabling brute-force attacks. Impact: Username enumeration → credential brute force risk. Attack Vector: Remote, unauthenticated...

CVE-2025-41245

VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with non-administrative privileges in Aria Operations may exploit this vulnerability to disclose credentials of other users of Aria Operations...

CVE-2025-41246

VMware Tools for Windows contains an improper authorisation vulnerability due to the way it handles user access controls. A malicious actor with non-administrative privileges on a guest VM, who is already authenticated through vCenter or ESX may exploit this issue to access other guest VMs...

Exploit for CVE-2025-41244

CVE-2025-41244 VMware Aria Operations and VMware Tools contai...

Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs. The vulnerability in question is CVE-2025-41244 CVSS score: 7.8, a local privileg...