548 matches found
VMSA-2008-0009:Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve CRITICAL security issues
VMSA-2008-0009.2 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0009.2 VMware Security AdvisorySynopsis: Update...
VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. (CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534)
3a. VMware ESXi 'busybox' command injection vulnerability- CVE-2017-16544 ESXi contains a command injection vulnerability due to the use of vulnerable version of busybox that does not sanitize filenames which may result into executing any escape sequence in the shell. VMware has evaluated the...
VMware product updates address a critical glibc security vulnerability.
a. glibc update for multiple products...
VMSA-2014-0003:VMware vSphere Client updates address security vulnerabilities
VMSA-2014-0003 VMware vSphere Client updates address security vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2014-0003 VMware Security Advisory Synopsis: VMware vSphere Client updates address security vulnerabilities VMware Security Advisory Issue date:...
VMSA-2012-0006:VMware ESXi and ESX address several security issues
VMSA-2012-0006.2 VMware ESXi and ESX address several security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2012-0006.2 VMware Security Advisory Synopsis: VMware ESXi and ESX address several security issues VMware Security Advisory Issue date: 2012-03-29 VMware Securi...
VMSA-2008-0013:Updated ESX packages for OpenSSL, net-snmp, perl
VMSA-2008-0013.4 Updated ESX packages for OpenSSL, net-snmp, perl VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0013.4 VMware Security AdvisorySynopsis: Updated ESX packages for OpenSSL, net-snmp, perl VMware Security AdvisoryIssue date: 2008-08-12 VMware Security...
VMware ESXi, Workstation, Fusion, and Tools updates address multiple security issues
a. VMware Workstation heap-based buffer overflow vulnerabilities via Cortado ThinPrint VMware Workstation contains vulnerabilities that may allow a Windows-based Virtual Machine VM to trigger a heap-based buffer overflow. Exploitation of these issues may lead to arbitrary code execution in VMware...
VMSA-2012-0012:VMware ESXi update to third party library
VMSA-2012-0012.2 VMware ESXi update to third party library VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2012-0012.2 VMware Security Advisory Synopsis: VMware ESXi update to third party library VMware Security Advisory Issue date: 2012-07-12 VMware Security Advisory Updated...
VMSA-2023-0018:VMware Aria Operations for Networks updates address multiple vulnerabilities.
Advisory ID: VMSA-2023-0018.1 CVSSv3 Range: 7.2 - 9.8 Issue Date:2023-08-29 Updated On: 2023-08-31 CVEs: CVE-2023-34039, CVE-2023-20890 Synopsis: VMware Aria Operations for Networks updates address multiple vulnerabilities. CVE-2023-34039, CVE-2023-20890 RSS Feed Download PDF Download Text File...
VMSA-2014-0007:VMware product updates address security vulnerabilities in Apache Struts library
VMSA-2014-0007.2 VMware product updates address security vulnerabilities in Apache Struts library VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2014-0007.2 VMware Security Advisory Synopsis: VMware product updates address security vulnerabilities in Apache Struts library...
VMSA-2014-0002:VMware vSphere updates to third party libraries
VMSA-2014-0002.4 VMware vSphere updates to third party libraries VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2014-0002.4 VMware Security Advisory Synopsis: VMware vSphere updates to third party libraries VMware Security Advisory Issue date: 2014-03-11 VMware Security...
VMware Tools updates address a SAML Token Signature Bypass Vulnerability (CVE-2023-20900)
3. SAML Token Signature Bypass vulnerability CVE-2023-20900 VMware Tools contains a SAML token signature bypass vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.1...
VMware product updates address OpenSSL security vulnerabilities
a. Information Disclosure vulnerability in OpenSSL third party library The OpenSSL library is updated to version openssl-1.0.1g to resolve multiple security issuesThe Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2014-0076 and CVE-2014-0160 to these issues...
VMSA-2019-0018:VMware vCenter Server Appliance updates address sensitive information disclosure vulnerability in backup and restore functions
VMware Security Advisories Advisory ID| VMSA-2019-0018 ---|--- Advisory Severity| Moderate CVSSv3 Range| 6.8 Synopsis| VMware vCenter Server Appliance updates address sensitive information disclosure vulnerability in backup and restore functions CVE-2019-5537, CVE-2019-5538 Issue Date| 2019-10-24...
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components
a. JRE Security UpdateJRE update to version 1.5.020, which addresses multiple securityissues that existed in earlier releases of JRE. The Common Vulnerabilities and Exposures project cve.mitre.org hasassigned the following names to the security issues fixed inJRE 1.5.018: CVE-2009-1093,...
VMSA-2008-0008:Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve CRITICAL security issues
VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0008 VMware Security AdvisorySynopsis: Updates to VMware Workstation, VMware Player, VMware ACE, VMware...
VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)
3. Problem Description Multiple products impacted by remote code execution vulnerability CVE-2022-22965...
VMSA-2021-0013:VMware Tools, VMRC and VMware App Volumes update addresses a local privilege escalation vulnerability
Advisory ID: VMSA-2021-0013 CVSSv3 Range: 7.8 Issue Date:2021-06-22 Updated On: 2021-06-22 Initial Advisory CVEs: CVE-2021-21999 Synopsis: VMware Tools, VMRC and VMware App Volumes update addresses a local privilege escalation vulnerability CVE-2021-21999 RSS Feed Download PDF Download Text File...
VMSA-2021-0011:VMware Tools for Windows update addresses a denial-of-service vulnerability
Advisory ID: VMSA-2021-0011 CVSSv3 Range: 3.3 Issue Date:2021-06-17 Updated On: 2021-06-17 Initial Advisory CVEs: CVE-2021-21997 Synopsis: VMware Tools for Windows update addresses a denial-of-service vulnerability CVE-2021-21997 RSS Feed Download PDF Download Text File Share this page on social...
VMSA-2016-0018:VMware product updates address local privilege escalation vulnerability in Linux kernel
VMSA-2016-0018.3 VMware product updates address local privilege escalation vulnerability in Linux kernel VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0018.3 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware product updates address...
VMSA-2009-0014:VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
VMSA-2009-0014.3 VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2009-0014.3 VMware Security Advisory Synopsis: VMware ESX patches for DHCP, Service Console kernel, and JRE resolve...
VMSA-2022-0002:VMware Workstation and Horizon Client for Windows updates address a denial-of-service vulnerability
Advisory ID: VMSA-2022-0002 CVSSv3 Range: 4.0 Issue Date:2022-01-18 Updated On: 2022-01-18 Initial Advisory CVEs: CVE-2022-22938 Synopsis: VMware Workstation and Horizon Client for Windows updates address a denial-of-service vulnerability CVE-2022-22938 RSS Feed Download PDF Download Text File...
VMSA-2013-0002:VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability
VMSA-2013-0002.1 VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0002.1 VMware Security Advisory Synopsis: VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability...
VMware SD-WAN Edge and SD-WAN Orchestrator updates address multiple security vulnerabilities.
3a. Unauthenticated Command Injection vulnerability in SD-WAN Edge CVE-2024-22246 VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. VMware has evaluated the severity of this issue to be in the Important severity range with...
VMSA-2022-0022:VMware vRealize Operations contains multiple vulnerabilities
Advisory ID: VMSA-2022-0022 CVSSv3 Range: 5.6-7.2 Issue Date:2022-08-09 Updated On: 2022-08-09 Initial Advisory CVEs: CVE-2022-31672, CVE-2022-31673, CVE-2022-31674, CVE-2022-31675 Synopsis: VMware vRealize Operations contains multiple vulnerabilities RSS Feed Download PDF Download Text File Shar...
VMSA-2022-0015:VMware Tools for Windows update addresses an XML External Entity (XXE) vulnerability
Advisory ID: VMSA-2022-0015 CVSSv3 Range: 5.8 Issue Date:2022-05-24 Updated On: 2022-05-24 Initial Advisory CVEs: CVE-2022-22977 Synopsis: VMware Tools for Windows update addresses an XML External Entity XXE vulnerability CVE-2022-22977 RSS Feed Download PDF Download Text File Share this page on...
VMSA-2013-0012:VMware vSphere updates address multiple vulnerabilities
VMSA-2013-0012.1 VMware vSphere updates address multiple vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0012.1 VMware Security Advisory Synopsis: VMware vSphere updates address multiple vulnerabilities VMware Security Advisory Issue date: 2013-10-17 VMwar...
VMSA-2010-0018:VMware hosted products and ESX patches resolve multiple security issues
VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0018 VMware Security Advisory Synopsis: VMware hosted products and ESX patches resolve multiple security issues VMware Security Advisory...
VMSA-2025-0013: VMware ESXi, Workstation, Fusion, and Tools updates address multiple vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239)
Advisory ID: | VMSA-2025-0013 ---|--- Advisory Severity: | Critical CVSSv3 Range: | 6.2-9.3 Synopsis: | VMware ESXi, Workstation, Fusion, and Tools updates address multiple vulnerabilities CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239 Issue date: | 2025-07-15 Updated on: |...
VMSA-2013-0016:VMware ESXi and ESX unauthorized file access through vCenter Server and ESX
VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0016 VMware Security Advisory Synopsis: VMware ESXi and ESX unauthorized file access through vCenter Server and ESX VMware Security...
VMware ESXi and ESX updates to third party library and ESX Service Console
a. ESX third party update for Service Console kernelThe ESX Service Console Operating System COS kernel is updated to kernel-2.6.18-274.3.1.el5 to fix multiple security issues in the COS kernel.The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2011-0726,...
VMSA-2024-0002:VMware Aria Operations for Networks (Formerly vRealize Network Insight) updates address multiple vulnerabilities
Advisory ID: VMSA-2024-0002 CVSSv3 Range: 4.3 - 7.8 Issue Date:2024-02-06 Updated On: 2024-02-06 Initial Advisory CVEs: CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241 Synopsis: VMware Aria Operations for Networks Formerly vRealize Network Insight updates address...
VMSA-2016-0014:VMware ESXi, Workstation, Fusion, and Tools updates address multiple security issues
VMSA-2016-0014.1 VMware ESXi, Workstation, Fusion, and Tools updates address multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0014.1 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware ESXi, Workstation, Fusion, an...
VMSA-2016-0001:VMware ESXi, Fusion, Player, and Workstation updates address HIGH guest privilege escalation vulnerability
VMSA-2016-0001 VMware ESXi, Fusion, Player, and Workstation updates address important guest privilege escalation vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0001 VMware Security Advisory Synopsis: VMware ESXi, Fusion, Player, and Workstation updates...
VMSA-2023-0026:VMware Cloud Director Appliance contains an authentication bypass vulnerability
Advisory ID: VMSA-2023-0026.1 CVSSv3 Range: 9.8 Issue Date:2023-11-14 Updated On: 2023-11-30 CVEs: CVE-2023-34060 Synopsis: VMware Cloud Director Appliance contains an authentication bypass vulnerability CVE-2023-34060. RSS Feed Download PDF Download Text File Share this page on social media: 1...
VMware vCenter Server updates address multiple security vulnerabilities
3a. vCenter Server file upload vulnerability CVE-2021-22005 The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. 3b. vCenter Server...
VMSA-2008-0014:Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX, VMware VCB address information disclosure, privilege escalation and other security issues.
VMSA-2008-0014.3 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX, VMware VCB address information disclosure, privilege escalation and other security issues. VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0014.3 VMware Security...
VMSA-2011-0006:VMware vmrun utility local privilege escalation
VMSA-2011-0006.1 VMware vmrun utility local privilege escalation VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0006.1 VMware Security Advisory Synopsis: VMware vmrun utility local privilege escalation VMware Security Advisory Issue date: 2011-03-29 VMware Security...
VMSA-2008-0002:Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1.
VMSA-2008-0002.1 Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1. VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0002.1 VMware Security AdvisorySynopsis: Updated Tomcat and Java JRE packages for...
VMSA-2016-0020:vRealize Operations update addresses REST API deserialization vulnerability
VMSA-2016-0020 vRealize Operations update addresses REST API deserialization vulnerability. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0020 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: vRealize Operations update addresses REST API...
VMSA-2023-0024:VMware Tools updates address Local Privilege Escalation and SAML Token Signature Bypass vulnerabilities
Advisory ID: VMSA-2023-0024 CVSSv3 Range: 7.1 - 7.8 Issue Date:2023-10-26 Updated On: 2023-10-26 Initial Advisory CVEs: CVE-2023-34057, CVE-2023-34058 Synopsis: VMware Tools updates address Local Privilege Escalation and SAML Token Signature Bypass vulnerabilities CVE-2023-34057, CVE-2023-34058 R...
VMSA-2022-0025:VMware ESXi and vCenter Server updates address multiple security vulnerabilities
Advisory ID: VMSA-2022-0025 CVSSv3 Range: 3.8-7.2 Issue Date:2022-10-06 Updated On: 2022-10-06 Initial Advisory CVEs: CVE-2022-31680, CVE-2022-31681 Synopsis: VMware ESXi and vCenter Server updates address multiple security vulnerabilities CVE-2022-31680, CVE-2022-31681 RSS Feed Download PDF...
VMSA-2010-0004:ESX Service Console and vMA third party updates
VMSA-2010-0004.5 ESX Service Console and vMA third party updates VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0004.5 VMware Security Advisory Synopsis: ESX Service Console and vMA third party updates VMware Security Advisory Issue date: 2010-03-03 VMware Security...
VMSA-2008-0003:Updated aacraid driver and Samba and Python service console updates
VMSA-2008-0003.1 Updated aacraid driver and Samba and Python service console updates VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0003.1 VMware Security AdvisorySynopsis: Updated aacraid driver and Samba and Python service console updates VMware Security AdvisoryIssue...
VMSA-2022-0033:VMware ESXi, Workstation, and Fusion updates address a heap out-of-bounds write vulnerability
Advisory ID: VMSA-2022-0033 CVSSv3 Range: 5.9-9.3 Issue Date:2022-12-13 Updated On: 2022-12-13 Initial Advisory CVEs: CVE-2022-31705 Synopsis: VMware ESXi, Workstation, and Fusion updates address a heap out-of-bounds write vulnerability CVE-2022-31705 RSS Feed Download PDF Download Text File Shar...
VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK) (CVE-2019-11477, CVE-2019-11478)
3. Linux kernel vulnerabilities in TCP Selective Acknowledgement SACK CVE-2019-11477, CVE-2019-11478 CVE-2019-11477 - SACK Panic - A sequence of SACKs may be crafted such that one can trigger an integer overflow, leading to a kernel panic. VMware has evaluated the severity of this issue to be in...
VMware Virtual Appliance updates address side-channel analysis due to speculative execution
a. VMware Virtual Appliance Mitigations for Bounds-Check bypass Spectre-1, and Rogue data cache load issues Meltdown CPU data cache timing can be abused to efficiently leak information out of mis-speculated CPU execution, leading to at worst arbitrary virtual memory read vulnerabilities across...
VMSA-2015-0004:VMware Workstation, Fusion and Horizon View Client updates address CRITICAL security issues
VMSA-2015-0004 VMware Workstation, Fusion and Horizon View Client updates address critical security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2015-0004 VMware Security Advisory Synopsis: VMware Workstation, Fusion and Horizon View Client updates address critical...
VMSA-2023-0008:VMware Workstation and Fusion updates address multiple security vulnerabilities
Advisory ID: VMSA-2023-0008 CVSSv3 Range: 7.3-9.3 Issue Date:2023-04-25 Updated On: 2023-04-25 Initial Advisory CVEs: CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, CVE-2023-20872 Synopsis: VMware Workstation and Fusion updates address multiple security vulnerabilities CVE-2023-20869,...
AirWatch by VMware product update addresses information disclosure vulnerabilities
a. AirWatch by VMware information disclosure vulnerability AirWatch by VMware has direct object reference vulnerabilities. These issues may allow a user that manages an AirWatch deployment in a multi-tenant environment to view the organizational information and statistics of another tenant.AirWat...