VMware Aria Operations 8.x < 8.18 HF 5 Privilege Escalation (VMSA-2025-0006)

The version of VMware Aria Operations formerly vRealize Operations running on the remote host is 8.x prior to 8.18 HF 5. It is, therefore, affected by a privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the applianc...

Vulnerability Scanner Detection Related to CVE-2024-7264

Support Statement This Veeam KB article was created to address customers' concerns regarding the detection of the libcurl library by their security software on VMware Backup Proxies, where the VMware VDDK package is installed. Libcurl is a component of VMware VDDK Virtual Disk Development Kit,...

Photon OS 5.0: Open PHSA-2024-5.0-0430

An update of the open package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0430. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Util PHSA-2024-5.0-0424

An update of the util package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0424. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Libksba PHSA-2024-5.0-0424

An update of the libksba package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0424. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Libtar PHSA-2024-5.0-0424

An update of the libtar package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0424. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

CVE-2025-22231

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the appliance running VMware Aria Operations...

CVE-2025-22231 VMware Aria Operations updates address a local privilege escalation vulnerability (CVE-2025-22231)

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the appliance running VMware Aria Operations...

CVE-2025-22231

VMware Aria Operations (8.x, on any host) is affected by a local privilege escalation that allows a user with local admin rights to escalate to root on the appliance. The issue is addressed by patching to 8.18 HF 5 (per VMSA-2025-0006). Connected security advisories indicate a CVSSv3 base score o...

CVE-2025-22231 VMware Aria Operations updates address a local privilege escalation vulnerability (CVE-2025-22231)

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can escalate their privileges to root on the appliance running VMware Aria Operations...

PT-2025-14620 · Vmware · Vmware Vmfs

Name of the Vulnerable Software and Affected Versions: VMware VMFS affected versions not specified Description: The issue concerns a directory traversal vulnerability in the VMware VMFS file system. No information is provided about the estimated number of potentially affected devices worldwide or...

PT-2025-14111 · Vmware · Vmware Aria Operations

Name of the Vulnerable Software and Affected Versions: VMware Aria Operations affected versions not specified Description: A local privilege escalation vulnerability exists in VMware Aria Operations. An actor with local administrative privileges can escalate their privileges to root on the...

VMware Aria Operations 安全漏洞

VMware Aria Operations is a unified, AI-driven, self-driving IT operations management platform for private, hybrid, and multi-cloud environments from VMware, Inc. A security vulnerability exists in VMware Aria Operations that stems from a local elevation of privilege...

VMSA-2025-0006: VMware Aria Operations updates address a local privilege escalation vulnerability (CVE-2025-22231)

Advisory ID: | VMSA-2025-0006 ---|--- Advisory Severity: | Important CVSSv3 Range: | 7.8 Synopsis: | VMware Aria Operations updates address a local privilege escalation vulnerability CVE-2025-22231 Issue date: | 2025-04-01 Updated on: | 2025-04-01 Initial Advisory CVEs | CVE-2025-22231 1. Impacte...

Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in VMware Tanzu Spring Security (CVE-2024-38827)

Summary A vulnerability in VMware Tanzu Spring Security that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-38827 DESCRIPTION: VMware Tanzu Spring Security could allow a remote attacker to bypass security restrictions, caused by a locale dependent...

Security Bulletin: IBM InfoSphere Information Server is affected by multiple vulnerabilities in VMware Tanzu Spring Framework

Summary Multiple vulnerabilities in VMware Tanzu Spring Framework that is used by InfoSphere Information Server were addressed. Vulnerability Details CVEID:CVE-2024-38820 DESCRIPTION: VMware Tanzu Spring Framework could provide weaker than expected security, caused by a flaw related to...

CVE-2025-22230

VMware Tools for Windows contains an authentication bypass vulnerability due to improper access control. A malicious actor with non-administrative privileges on a guest VM may gain ability to perform certain high privilege operations within that VM...

The vulnerability of DRM/VMWGFX components in Linux kernel allows a perpetrator to trigger a service failure.

The vulnerability of DRM/VMWGFX components in Linux operating systems is related to incorrect calculations in their functions. Exploiting this vulnerability can allow a perpetrator to cause service failures...

Photon OS 5.0: Postgresql13 PHSA-2025-5.0-0490

An update of the postgresql13 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0490. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Postgresql15 PHSA-2025-5.0-0490

An update of the postgresql15 package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0490. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...