VMSA-2017-0007:VMware vCenter Server updates resolve a remote code execution vulnerability via BlazeDS

VMSA-2017-0007 VMware vCenter Server updates resolve a remote code execution vulnerability via BlazeDS VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0007 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware vCenter Server updates resolve...

VMSA-2017-0004:VMware product updates resolve remote code execution vulnerability via Apache Struts 2

VMSA-2017-0004.7 VMware product updates resolve remote code execution vulnerability via Apache Struts 2 VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0004.7 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware product updates resolve...

VMSA-2018-0020:VMware vSphere, Workstation, and Fusion updates enable Hypervisor-Specific Mitigations for L1 Terminal Fault - VMM vulnerability.

VMSA-2018-0020 VMware vSphere, Workstation, and Fusion updates enable Hypervisor-Specific Mitigations for L1 Terminal Fault - VMM vulnerability. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0020 VMware Security Advisory Severity: Important VMware Security Advisory...

VMSA-2018-0009:vRealize Automation updates address multiple security issues.

VMSA-2018-0009 vRealize Automation updates address multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0009 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: vRealize Automation updates address multiple security issues...

Unauthenticated Command Injection vulnerability in VMware SD-WAN Edge by VeloCloud

Unauthenticated Command Injection vulnerability in VMware SD-WAN Edge by VeloCloud VMware SD-WAN Edge by VeloCloud contains a command injection vulnerability in the local web UI component. This component is disabled by default and should not be enabled on untrusted networks. VeloCloud by VMware...

VMSA-2018-0002:VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.

VMSA-2018-0002.3 VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0002.3 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware ESXi,...

Horizon 6, 7, Horizon Agent, and Horizon Client for Windows updates address an out-of-bounds read vulnerability

Out-of-bounds read vulnerability in the Message Framework library Horizon 6, 7, Horizon Agent, and Horizon Client for Windows contain an out-of-bounds read vulnerability in the Message Framework library. Successfully exploiting this issue may allow a less-privileged user to leak information from ...

VMSA-2018-0017:VMware Tools update addresses an out-of-bounds read vulnerability

VMSA-2018-0017.4 VMware Tools update addresses an out-of-bounds read vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0017.4 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Tools update addresses an out-of-bounds read...

VMSA-2018-0012:VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue.

VMSA-2018-0012.1 VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0012.1 VMware Security Advisory Severity: Moderate VMware Security Advisory...

VMSA-2018-0021:Operating System-Specific Mitigations address L1 Terminal Fault - OS vulnerability in VMware Virtual Appliances.

VMSA-2018-0021.2 Operating System-Specific Mitigations address L1 Terminal Fault - OS vulnerability in VMware Virtual Appliances. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0021.2 VMware Security Advisory Severity: Moderate VMware Security Advisory Synopsis: Operatin...

VMSA-2017-0008:VMware Unified Access Gateway, Horizon View and Workstation updates resolve multiple security vulnerabilities

VMSA-2017-0008.2 VMware Unified Access Gateway, Horizon View and Workstation updates resolve multiple security vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0008.2 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware...

VMSA-2017-0006:VMware ESXi, Workstation and Fusion updates address CRITICAL and MEDIUM security issues

VMSA-2017-0006 VMware ESXi, Workstation and Fusion updates address critical and moderate security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0006 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware ESXi, Workstation and Fusion...

VMSA-2017-0012:VMware VIX API VM Direct Access Function security issue

VMSA-2017-0012 VMware VIX API VM Direct Access Function security issue VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0012 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware VIX API VM Direct Access Function security issue VMware...

VMSA-2018-0006:vRealize Automation, vSphere Integrated Containers, and AirWatch Console updates address multiple security vulnerabilities

VMSA-2018-0006 vRealize Automation, vSphere Integrated Containers, and AirWatch Console updates address multiple security vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0006 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis:...

VMSA-2017-0021:VMware ESXi, vCenter Server Appliance, Workstation and Fusion updates address multiple security vulnerabilities

VMSA-2017-0021 VMware ESXi, vCenter Server Appliance, Workstation and Fusion updates address multiple security vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0021 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware ESXi,...

VMSA-2018-0007:VMware Virtual Appliance updates address side-channel analysis due to speculative execution

VMSA-2018-0007.6 VMware Virtual Appliance updates address side-channel analysis due to speculative execution VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0007.6 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Virtual Appliance...

VMSA-2018-0004:VMware vSphere, Workstation and Fusion updates add Hypervisor-Assisted Guest Remediation for speculative execution issue

VMSA-2018-0004.3 VMware vSphere, Workstation and Fusion updates add Hypervisor-Assisted Guest Mitigations for speculative execution issue VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0005 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis:...

VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues

a. Privilege escalation on 64-bit guest operating systemsVMware products emulate hardware functions, like CPU, Memory, and IO.A flaw in VMware's CPU hardware emulation could allow the virtual CPU to jump to an incorrect memory address. Exploitation of this issue on the guest operating system does...

VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) updates resolve SAML authentication bypass vulnerability

The VMware Workspace ONE Unified Endpoint Management Console AirWatch Console contains a SAML authentication bypass vulnerability which can be leveraged during device enrollment. This vulnerability may allow for a malicious actor to impersonate an authorized SAML session if certificate-based...

VMSA-2018-0016:VMware ESXi, Workstation, and Fusion updates address multiple out-of-bounds read vulnerabilities

VMSA-2018-0016 VMware ESXi, Workstation, and Fusion updates address multiple out-of-bounds read vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0016 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware ESXi, Workstation, a...

VMSA-2018-0018:VMware Horizon View Agent, VMware ESXi, Workstation, and Fusion updates resolve multiple security issues

VMSA-2018-0018 VMware Horizon View Agent, VMware ESXi, Workstation, and Fusion updates resolve multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0018 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Horizon View...

VMware AirWatch Console updates address Broken Access Control vulnerability.

VMware AirWatch Console AWC Broken Access Control VMware AirWatch Console AWC contains a Broken Access Control vulnerability. Successful exploitation of this issue could result in end-user device details being disclosed to an unauthorized administrator. The Common Vulnerabilities and Exposures...

VMSA-2018-0001:vSphere Data Protection (VDP) updates address multiple security issues.

VMSA-2018-0001 vSphere Data Protection VDP updates address multiple security issues. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0001 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: vSphere Data Protection VDP updates address multiple...

VMSA-2017-0015:VMware ESXi, vCenter Server, Fusion and Workstation updates resolve multiple security vulnerabilities

VMSA-2017-0015.2 VMware ESXi, vCenter Server, Fusion and Workstation updates resolve multiple security vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0015.2 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware ESXi, vCente...

VMSA-2018-0005:VMware Workstation, and Fusion updates resolve use-after-free and integer-overfLOW vulnerabilities

VMSA-2018-0005 VMware Workstation, and Fusion updates resolve use-after - free and integer-overflow vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0005 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware Workstation, and...

Horizon DaaS update addresses a broken authentication issue

VMware Horizon DaaS Broken authentication issue in Horizon DaaS Horizon DaaS contains a broken authentication vulnerability that may allow an attacker to bypass two-factor authentication. Note: In order to exploit this issue, an attacker must have a legitimate account on Horizon DaaS. VMware woul...

VMSA-2017-0019:NSX for vSphere update addresses NSX Edge Cross-Site Scripting (XSS) issue.

VMSA-2017-0019 NSX for vSphere update addresses NSX Edge Cross-Site Scripting XSS issue. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0019 VMware Security Advisory Severity: Moderate VMware Security Advisory Synopsis: NSX for vSphere update addresses NSX Edge Cross-Sit...

VMSA-2018-0026:VMware ESXi, Workstation, and Fusion updates address an out-of-bounds read vulnerability

VMSA-2018-0026 VMware ESXi, Workstation, and Fusion updates address an out-of-bounds read vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0026 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware ESXi, Workstation, and Fusion...

VMSA-2017-0005:VMware Workstation and Fusion updates address out-of-bounds memory access vulnerability

VMSA-2017-0005 VMware Workstation and Fusion updates address out-of-bounds memory access vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0005 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware Workstation and Fusion updates...

VMSA-2022-0030:VMware ESXi and vCenter Server updates address multiple security vulnerabilities

Advisory ID: VMSA-2022-0030 CVSSv3 Range: 4.2-7.5 Issue Date:2022-12-08 Updated On: 2022-12-08 Initial Advisory CVEs: CVE-2022-31696, CVE-2022-31697, CVE-2022-31698, CVE-2022-31699 Synopsis: VMware ESXi and vCenter Server updates address multiple security vulnerabilities CVE-2022-31696,...

VMSA-2017-0013:VMware vCenter Server and Tools updates resolve multiple security vulnerabilities

VMSA-2017-0013 VMware vCenter Server and Tools updates resolve multiple security vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0013 VMware Security Advisory Severity: Moderate VMware Security Advisory Synopsis: VMware vCenter Server and Tools updates...

VMSA-2017-0010:vSphere Data Protection (VDP) updates address multiple security issues.

VMSA-2017-0010 vSphere Data Protection VDP updates address multiple security issues. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0010 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: vSphere Data Protection VDP updates address multiple...

AirWatch Agent and VMware Content Locker updates resolve data protection vulnerabilities

a. The AirWatch Agent for iOS devices contains a data protection vulnerability The AirWatch Agent for iOS devices contains a data protection vulnerability whereby the files and keychain entries in the Agent are not encrypted. VMware would like to thank Stephan Sekula of Compass Security for...

VMSA-2018-0027:VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage

VMSA-2018-0027 VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0027 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware ESXi, Workstation, and Fusion...

VMware Horizon Client update addresses a privilege escalation vulnerability

VMware Horizon Client for Linux Horizon Client VMware Horizon Client privilege escalation vulnerability VMware Horizon Client contains a local privilege escalation vulnerability due to insecure usage of SUID binary. Successful exploitation of this issue may allow unprivileged users to escalate...

Horizon View Client update addresses a command injection vulnerability

Horizon View Client command injection vulnerability VMware Horizon View Client contains a command injection vulnerability in the service startup script. Successful exploitation of this issue may allow unprivileged users to escalate their privileges to root on the Mac OSX system where the client i...

VMSA-2017-0018:VMware Workstation, Fusion and Horizon View Client updates resolve multiple security vulnerabilities

VMSA-2017-0018.1 VMware Workstation, Fusion and Horizon View Client updates resolve multiple security vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0018.1 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware Workstation,...

VMSA-2017-0017:VMware vCenter Server update resolves LDAP DoS, SSRF and CRLF injection issues

VMSA-2017-0017 VMware vCenter Server update resolves LDAP DoS, SSRF and CRLF injection issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0017 VMware Security Advisory Severity: Moderate VMware Security Advisory Synopsis: VMware vCenter Server update resolves LDAP DoS...

VMSA-2017-0014:VMware NSX-V Edge updates address OSPF Protocol LSA DoS

VMSA-2017-0014 VMware NSX-V Edge updates address OSPF Protocol LSA DoS VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0014 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware NSX-V Edge updates address OSPF Protocol LSA DoS VMware...

VMSA-2017-0009:VMware Workstation update addresses multiple security issues

VMSA-2017-0009 VMware Workstation update addresses multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0009 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Workstation update addresses multiple security issues...

Horizon DaaS update addresses an insecure data validation issue

a. Horizon DaaS insecure data validation Horizon DaaS contains a vulnerability that exists due to insufficient validation of data. An attacker may exploit this issue by tricking DaaS client users into connecting to a malicious server and sharing all their drives and devices. Successful exploitati...

VMSA-2015-0001:VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues

VMSA-2015-0001.2 VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2015-0001.2 VMware Security Advisory Synopsis: VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates...

VMware AirWatch Agent updates resolve remote code execution vulnerability.

The VMware AirWatch Agent for Android and Windows Mobile devices contain a remote code execution vulnerability in real time File Manager capabilities. This vulnerability may allow for unauthorized creation and execution of files in the Agent sandbox and other publicly accessible directories such ...

VMSA-2018-0013:VMware Workstation and Fusion updates address signature bypass and multiple denial-of-service vulnerabilities

VMSA-2018-0013 VMware Workstation and Fusion updates address signature bypass and multiple denial-of-service vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0013 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware...

VMware AirWatch Console and Launcher for Android updates resolve multiple vulnerabilities.

a. VMware AirWatch Console stored XSS vulnerability VMware AirWatch Console contains a vulnerability that could allow an authenticated AWC user to add a malicious URL to an enrolled device’s ‘Links’ page. Successful exploitation of this issue could result in an unsuspecting AWC user being...

VMSA-2018-0022:VMware Workstation and Fusion updates address an out-of-bounds write issue

VMSA-2018-0022 VMware Workstation and Fusion updates address an out-of-bounds write issue VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0022 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware Workstation and Fusion updates address an...

VMSA-2017-0003:VMware Workstation update addresses multiple security issues

VMSA-2017-0003 VMware Workstation update addresses multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2017-0003 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware Workstation update addresses multiple security issues...

VMSA-2018-0025:VMware ESXi, Workstation, and Fusion workarounds address a denial-of-service vulnerability

VMSA-2018-0025 VMware ESXi, Workstation, and Fusion workarounds address a denial-of-service vulnerability VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2018-0025 VMware Security AdvisorySeverity: Important VMware Security AdvisorySynopsis: VMware ESXi, Workstation, and Fusion...

VMSA-2018-0003:vRealize Operations for Horizon, vRealize Operations for Published Applications, Workstation, Horizon View Client and Tools updates resolve multiple security vulnerabilities

VMSA-2018-0003 vRealize Operations for Horizon, vRealize Operations for Published Applications, Workstation, Horizon View Client and Tools updates resolve multiple security vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2018-0003 VMware Security Advisory...

AirWatch updates address bypass of root detection and local container encryption

a. Root detection bypass Airwatch Agent for Android contains a vulnerability that may allow a device to bypass root detection. Successful exploitation of this issue may result in an enrolled device having unrestricted access over local Airwatch security controls and data. VMware would like to tha...