CVE-2025-22215 VMSA-2025-0001: VMware Aria automation update addresses a server side request forgery vulnerability (CVE-2025-22215)

VMware Aria Automation contains a server-side request forgery SSRF vulnerability. A malicious actor with "Organization Member" access to Aria Automation may exploit this vulnerability enumerate internal services running on the host/network...

CVE-2025-22215 VMSA-2025-0001: VMware Aria automation update addresses a server side request forgery vulnerability (CVE-2025-22215)

VMware Aria Automation contains a server-side request forgery SSRF vulnerability. A malicious actor with "Organization Member" access to Aria Automation may exploit this vulnerability enumerate internal services running on the host/network...

VMware Aria Automation 代码问题漏洞

VMware Aria Automation is a modern workflow automation platform from VMware that simplifies and automates complex data center infrastructure tasks to improve scalability and agility. A code issue vulnerability exists in VMware Aria Automation. An attacker exploiting this vulnerability could...

USN-7169-3: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

USN-7169-3 linux-aws, linux-raspi vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-49967, CVE-2024-53057, CVE-2024-502...

USN-7167-2: Linux kernel vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-50264, CVE-2024-49967, CVE-2024-530...

USN-7167-2 linux-hwe-6.8, linux-lowlatency, linux-lowlatency-hwe-6.8 vulnerabilities

Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the following subsystems: - Ext4 file system; - Network traffic control; - VMware vSockets driver; CVE-2024-50264, CVE-2024-49967, CVE-2024-530...

Ubuntu 22.04 LTS / 24.04 LTS : Linux kernel vulnerabilities (USN-7167-2)

The remote Ubuntu 22.04 LTS / 24.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7167-2 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update...

Ubuntu 24.10 : Linux kernel vulnerabilities (USN-7169-3)

The remote Ubuntu 24.10 host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7169-3 advisory. Several security issues were discovered in the Linux kernel. An attacker could possibly use these to compromise the system. This update corrects flaws in the...

VMSA-2025-0001: VMware Aria automation update addresses a server side request forgery vulnerability (CVE-2025-22215)

Advisory ID: | VMSA-2025-0001 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 4.3 Synopsis: | VMware Aria Automation update addresses a server side request forgery vulnerability CVE-2025-22215 Issue date: | 2025-01-07 Updated on: | 2025-01-07 CVEs | CVE-2025-22215 1. Impacted Products VMwar...

USN-7179-2 linux-aws, linux-aws-5.15, linux-gcp, linux-gcp-5.15, linux-hwe-5.15, linux-nvidia, linux-oracle, linux-raspi vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

USN-7183-1: Linux kernel vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

USN-7183-1 linux, linux-lts-xenial vulnerabilities

Andy Nguyen discovered that the Bluetooth L2CAP implementation in the Linux kernel contained a type-confusion error. A physically proximate remote attacker could use this to cause a denial of service system crash or possibly execute arbitrary code. CVE-2020-12351 Andy Nguyen discovered that the...

Ubuntu 16.04 LTS / 18.04 LTS : Linux kernel vulnerabilities (USN-7185-1)

The remote Ubuntu 16.04 LTS / 18.04 LTS host has a package installed that is affected by multiple vulnerabilities as referenced in the USN-7185-1 advisory. Ziming Zhang discovered that the VMware Virtual GPU DRM driver in the Linux kernel contained an integer overflow vulnerability. A local...

Photon OS 5.0: Bpftrace PHSA-2025-5.0-0435

An update of the bpftrace package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0435. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Photon OS 5.0: Bcc PHSA-2025-5.0-0435

An update of the bcc package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0435. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid21349...

Photon OS 4.0: Bcc PHSA-2025-4.0-0729

An update of the bcc package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-4.0-0729. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid21349...

Photon OS 5.0: Expat PHSA-2025-5.0-0435

An update of the expat package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2025-5.0-0435. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...

Security Bulletin: Multiple Vulnerabilities of IBM Java SDK have affected VMware Agent from IBM Tivoli Monitoring for Virtual Environments product

Summary VMware Agent from IBM Tivoli Monitoring for Virtual Environments product is vulnerable to IBM java SDK. The fix includes IBM Java SDK upgraded to 08.08.25.00 version. Vulnerability Details CVEID:CVE-2023-22081 DESCRIPTION: An unspecified vulnerability in Java SE related to the JSSE...

PT-2025-39834

Name of the Vulnerable Software and Affected Versions VMware Aria Operations and VMware Tools versions prior to fixes available since October 2024 open-vm-tools versions prior to 2:11.3.0-2ubuntu0ubuntu20.04.8+esm1 VMware Cloud Foundation 4.x and 5.x, 9.xxx, 13.xxx vSphere Foundation 9.xxx, 13.xx...