SUSE CVE-2025-22247

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

CVE-2025-22249

VMware Aria automation contains a DOM based Cross-Site Scripting XSS vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL...

CVE-2025-22249

VMware Aria automation contains a DOM based Cross-Site Scripting XSS vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL...

CVE-2025-22249 VMSA-2025-0008: VMware Aria automation updates address a DOM based Cross-site scripting vulnerability (CVE-2025-22249)

VMware Aria automation contains a DOM based Cross-Site Scripting XSS vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL...

CVE-2025-22249

CVE-2025-22249 is a DOM-based Cross‑Site Scripting (XSS) flaw in VMware Aria Automation. Affected product: VMware Aria Automation (8.18.x line). Root cause: DOM-based XSS that enables an attacker to steal the access token of a logged-in user by convincing the user to click a malicious crafted pay...

CVE-2025-22249 VMSA-2025-0008: VMware Aria automation updates address a DOM based Cross-site scripting vulnerability (CVE-2025-22249)

VMware Aria automation contains a DOM based Cross-Site Scripting XSS vulnerability. A malicious actor may exploit this issue to steal the access token of a logged in user of VMware Aria automation appliance by tricking the user into clicking a malicious crafted payload URL...

VMware Aria Automation 安全漏洞

VMware Aria Automation is a modern workflow automation platform from VMware that simplifies and automates complex data center infrastructure tasks to improve scalability and agility. A security vulnerability exists in VMware Aria Automation that originates from DOM-type cross-site scripting and...

VMware Tools Insecure File Handling Vulnerability (VMSA-2025-0007) - Windows

VMware Tools is prone to an insecure file handling vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:vmware:tools";...

CVE-2025-22247

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

CVE-2025-22247

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

AZL-67797 CVE-2025-22247 affecting package open-vm-tools for versions less than 11.3.0-4

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

DEBIAN-CVE-2025-22247

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

CVE-2025-22247 Insecure file handling vulnerability

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

CVE-2025-22247 Insecure file handling vulnerability

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...

CVE-2025-22247

CVE-2025-22247 affects open-vm-tools ( VMware Tools open-source components) and can be triggered by a non-administrative guest-VM user due to insecure file handling that may tamper local files, potentially enabling partial integrity impact within the guest. Several advisories confirm affected pac...

PT-2025-20732 · Vmware · Vmware Aria Automation

Name of the Vulnerable Software and Affected Versions: VMware Aria automation affected versions not specified Description: The issue is a DOM-based Cross-Site Scripting XSS vulnerability. A malicious actor may exploit this to steal the access token of a logged-in user by tricking them into clicki...

VMware Tools 安全漏洞

VMware Tools is an enhancement tool that comes with VMWare virtual machines from VMware, Inc. It is a driver provided by VMware to enhance the performance of virtual graphics cards and hard disks, as well as to synchronize the clocks of the virtual machine with the host computer. A security...

VMSA-2025-0008: VMware Aria automation updates address a DOM based Cross-site scripting vulnerability (CVE-2025-22249)

Advisory ID: | VMSA-2025-0008 ---|--- Advisory Severity: | Important CVSSv3 Range: | 8.2 Synopsis: | VMware Aria automation updates address a DOM based Cross-site scripting vulnerability CVE-2025-22249 Issue date: | 2025-05-12 Updated on: | 2025-05-12 CVEs | CVE-2025-22249 1. Impacted Products...

VMSA-2025-0007: VMware Tools update addresses an insecure file handling vulnerability (CVE-2025-22247)

Advisory ID: | VMSA-2025-0007 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 6.1 Synopsis: | VMware Tools update addresses an insecure file handling vulnerability CVE-2025-22247 Issue date: | 2025-05-12 Updated on: | 2025-05-12 Initial Advisory CVEs | CVE-2025-22247 1. Impacted Products...

UBUNTU-CVE-2025-22247

VMware Tools contains an insecure file handling vulnerability. A malicious actor with non-administrative privileges on a guest VM may tamper the local files to trigger insecure file operations within that VM...