CVE-2025-41230

VMware Cloud Foundation contains an information disclosure vulnerability (CVE-2025-41230). A malicious actor with network access to port 443 may exploit this issue to access sensitive information. The related advisory VMSA-2025-0009 assigns a CVSSv3 base score of 7.5 (Impact on confidentiality = ...

CVE-2025-41230 VMware Cloud Foundation Information Disclosure Vulnerability

VMware Cloud Foundation contains an information disclosure vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to gain access to sensitive information...

CVE-2025-41229 VMware Cloud Foundation Directory Traversal Vulnerability

VMware Cloud Foundation contains a directory traversal vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain internal services...

CVE-2025-41229 VMware Cloud Foundation Directory Traversal Vulnerability

VMware Cloud Foundation contains a directory traversal vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain internal services...

CVE-2025-41229

CVE-2025-41229 affects VMware Cloud Foundation and is a directory traversal vulnerability. A remote attacker on port 443 can exploit it to access internal services. The entry cites CVSS v3.1 base score 8.2 (High) with network access, no user interaction required. Public docs confirm the issue and...

[SECURITY] Fedora 42 Update: open-vm-tools-12.5.2-1.fc42

The open-vm-tools project is an open source implementation of VMware Tools. It is a suite of open source virtualization utilities and drivers to improve the functionality, user experience and administration of VMware virtual machines. This package contains only the core user-space programs and...

PT-2025-22130 · Vmware · Vmware Cloud Foundation

Name of the Vulnerable Software and Affected Versions: VMware Cloud Foundation affected versions not specified Description: The issue is a directory traversal vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to access certain...

VMware ESXi 安全漏洞

VMware ESXi is a server virtualization platform from VMware that can be installed directly on physical servers. A security vulnerability exists in VMware ESXi, which originates from a denial of service condition that can be triggered by an attacker with client privileges...

VMware ESXi 安全漏洞

VMware ESXi is a suite of server virtualization platforms from VMware that can be installed directly on physical servers. A security vulnerability exists in VMware ESXi that originates from a client operating system unprivileged user could exhaust host memory, resulting in a denial of service...

VMSA-2025-0009 : VMware Cloud Foundation updates address multiple vulnerabilities (CVE-2025-41229, CVE-2025-41230, CVE-2025-41231)

Advisory ID: | VMSA-2025-0009 ---|--- Advisory Severity: | Important CVSSv3 Range: | 7.3-8.2 Synopsis: | VMware Cloud Foundation updates address multiple vulnerabilities CVE-2025-41229, CVE-2025-41230, CVE-2025-41231 Issue date: | 2025-05-20 Updated on: | 2025-05-20 Initial Advisory CVEs |...

PT-2025-22132 · Vmware · Vmware Cloud Foundation

Name of the Vulnerable Software and Affected Versions: VMware Cloud Foundation affected versions not specified Description: The issue is related to a missing authorization vulnerability. A malicious actor with access to the VMware Cloud Foundation appliance may be able to perform certain...

VMware Cloud Foundation 安全漏洞

VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware. The platform includes features such as operations automation, infrastructure auto-configuration and integrated lifecycle management. VMware Cloud Foundation suffers from an authorization issue vulnerability that stems fro...

VMware Cloud Foundation 安全漏洞

VMware Cloud Foundation is an all-in-one hybrid cloud platform from VMware. The platform includes features such as operations automation, infrastructure auto-configuration and integrated lifecycle management. A directory traversal vulnerability exists in VMware Cloud Foundation, which stems from ...

VMSA-2025-0010 : VMware ESXi, vCenter Server, Workstation, and Fusion updates address multiple vulnerabilities (CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228)

Advisory ID: | VMSA-2025-0010 ---|--- Advisory Severity: | Important CVSSv3 Range: | 4.3-8.8 Synopsis: | VMware ESXi, vCenter Server, Workstation, and Fusion updates address multiple vulnerabilities CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228 Issue date: | 2025-05-20 Updated on...

PT-2025-22147 · Vmware · Vmware Esxi +2

Name of the Vulnerable Software and Affected Versions: VMware ESXi affected versions not specified Description: The issue is a denial-of-service vulnerability that occurs when performing a guest operation. A malicious actor with guest operation privileges on a VM, who is already authenticated...

PT-2025-22149

Name of the Vulnerable Software and Affected Versions: VMware ESXi and vCenter Server affected versions not specified Description: The issue is related to a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of...

PT-2025-22148 · Vmware · Vmware Workstation +2

Name of the Vulnerable Software and Affected Versions: VMware ESXi, Workstation, and Fusion affected versions not specified Description: The issue is a denial-of-service vulnerability due to certain guest options. A malicious actor with non-administrative privileges within a guest operating syste...

PT-2025-22131 · Vmware · Vmware Cloud Foundation

Name of the Vulnerable Software and Affected Versions: VMware Cloud Foundation affected versions not specified Description: The issue is an information disclosure vulnerability. A malicious actor with network access to port 443 on VMware Cloud Foundation may exploit this issue to gain access to...

VMware ESXi和VMware vCenter Server 安全漏洞

VMware ESXi and VMware vCenter Server are both products of VMware, Inc.VMware ESXi is a server virtualization platform that can be installed directly on physical servers.VMware vCenter Server is a suite of server and virtualization management software. The software provides a centralized platform...

VMware Workstation 17.0.x < 17.6.3 Multiple Vulnerabilities (VMSA-2025-0010)

The version of VMware Workstation installed on the remote host is 17.0.x prior to 17.6.3. It is, therefore, affected by multiple vulnerabilities. Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C...