VMSA-2011-0007:VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console

VMSA-2011-0007 VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0007 VMware Security Advisory Synopsis: VMware ESXi and ESX Denial of Service and third party updat...

VMSA-2008-0013:Updated ESX packages for OpenSSL, net-snmp, perl

VMSA-2008-0013.4 Updated ESX packages for OpenSSL, net-snmp, perl VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0013.4 VMware Security AdvisorySynopsis: Updated ESX packages for OpenSSL, net-snmp, perl VMware Security AdvisoryIssue date: 2008-08-12 VMware Security...

VMSA-2008-0009:Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve CRITICAL security issues

VMSA-2008-0009.2 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0009.2 VMware Security AdvisorySynopsis: Update...

VMSA-2012-0012:VMware ESXi update to third party library

VMSA-2012-0012.2 VMware ESXi update to third party library VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2012-0012.2 VMware Security Advisory Synopsis: VMware ESXi update to third party library VMware Security Advisory Issue date: 2012-07-12 VMware Security Advisory Updated...

VMSA-2020-0011:VMware ESXi, Workstation, Fusion, VMware Remote Console and Horizon Client updates address multiple security vulnerabilities

Advisory ID: VMSA-2020-0011.1 CVSSv3 Range: 3.3-7.3 Issue Date:2020-05-28 Updated On: 2020-07-09 CVEs: CVE-2020-3957, CVE-2020-3958, CVE-2020-3959 Synopsis: VMware ESXi, Workstation, Fusion, VMware Remote Console and Horizon Client updates address multiple security vulnerabilities CVE-2020-3957,...

VMware product updates address OpenSSL security vulnerabilities

a. Information Disclosure vulnerability in OpenSSL third party library The OpenSSL library is updated to version openssl-1.0.1g to resolve multiple security issuesThe Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2014-0076 and CVE-2014-0160 to these issues...

VMSA-2014-0002:VMware vSphere updates to third party libraries

VMSA-2014-0002.4 VMware vSphere updates to third party libraries VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2014-0002.4 VMware Security Advisory Synopsis: VMware vSphere updates to third party libraries VMware Security Advisory Issue date: 2014-03-11 VMware Security...

VMSA-2012-0006:VMware ESXi and ESX address several security issues

VMSA-2012-0006.2 VMware ESXi and ESX address several security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2012-0006.2 VMware Security Advisory Synopsis: VMware ESXi and ESX address several security issues VMware Security Advisory Issue date: 2012-03-29 VMware Securi...

VMware Tools updates address a SAML Token Signature Bypass Vulnerability (CVE-2023-20900)

3. SAML Token Signature Bypass vulnerability CVE-2023-20900 VMware Tools contains a SAML token signature bypass vulnerability. VMware has evaluated the severity of this issue to be in the Important severity range with a maximum CVSSv3 base score of 7.1...

VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)

3. Problem Description Multiple products impacted by remote code execution vulnerability CVE-2022-22965...

VMSA-2014-0007:VMware product updates address security vulnerabilities in Apache Struts library

VMSA-2014-0007.2 VMware product updates address security vulnerabilities in Apache Struts library VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2014-0007.2 VMware Security Advisory Synopsis: VMware product updates address security vulnerabilities in Apache Struts library...

VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components

a. JRE Security UpdateJRE update to version 1.5.020, which addresses multiple securityissues that existed in earlier releases of JRE. The Common Vulnerabilities and Exposures project cve.mitre.org hasassigned the following names to the security issues fixed inJRE 1.5.018: CVE-2009-1093,...

VMSA-2008-0008:Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve CRITICAL security issues

VMSA-2008-0008 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0008 VMware Security AdvisorySynopsis: Updates to VMware Workstation, VMware Player, VMware ACE, VMware...

VMSA-2019-0018:VMware vCenter Server Appliance updates address sensitive information disclosure vulnerability in backup and restore functions

VMware Security Advisories Advisory ID| VMSA-2019-0018 ---|--- Advisory Severity| Moderate CVSSv3 Range| 6.8 Synopsis| VMware vCenter Server Appliance updates address sensitive information disclosure vulnerability in backup and restore functions CVE-2019-5537, CVE-2019-5538 Issue Date| 2019-10-24...

VMSA-2016-0018:VMware product updates address local privilege escalation vulnerability in Linux kernel

VMSA-2016-0018.3 VMware product updates address local privilege escalation vulnerability in Linux kernel VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0018.3 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware product updates address...

VMSA-2023-0018:VMware Aria Operations for Networks updates address multiple vulnerabilities.

Advisory ID: VMSA-2023-0018.1 CVSSv3 Range: 7.2 - 9.8 Issue Date:2023-08-29 Updated On: 2023-08-31 CVEs: CVE-2023-34039, CVE-2023-20890 Synopsis: VMware Aria Operations for Networks updates address multiple vulnerabilities. CVE-2023-34039, CVE-2023-20890 RSS Feed Download PDF Download Text File...

VMSA-2022-0002:VMware Workstation and Horizon Client for Windows updates address a denial-of-service vulnerability

Advisory ID: VMSA-2022-0002 CVSSv3 Range: 4.0 Issue Date:2022-01-18 Updated On: 2022-01-18 Initial Advisory CVEs: CVE-2022-22938 Synopsis: VMware Workstation and Horizon Client for Windows updates address a denial-of-service vulnerability CVE-2022-22938 RSS Feed Download PDF Download Text File...

VMSA-2021-0013:VMware Tools, VMRC and VMware App Volumes update addresses a local privilege escalation vulnerability

Advisory ID: VMSA-2021-0013 CVSSv3 Range: 7.8 Issue Date:2021-06-22 Updated On: 2021-06-22 Initial Advisory CVEs: CVE-2021-21999 Synopsis: VMware Tools, VMRC and VMware App Volumes update addresses a local privilege escalation vulnerability CVE-2021-21999 RSS Feed Download PDF Download Text File...

VMSA-2013-0002:VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability

VMSA-2013-0002.1 VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0002.1 VMware Security Advisory Synopsis: VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability...

VMSA-2009-0014:VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues

VMSA-2009-0014.3 VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2009-0014.3 VMware Security Advisory Synopsis: VMware ESX patches for DHCP, Service Console kernel, and JRE resolve...

VMSA-2021-0011:VMware Tools for Windows update addresses a denial-of-service vulnerability

Advisory ID: VMSA-2021-0011 CVSSv3 Range: 3.3 Issue Date:2021-06-17 Updated On: 2021-06-17 Initial Advisory CVEs: CVE-2021-21997 Synopsis: VMware Tools for Windows update addresses a denial-of-service vulnerability CVE-2021-21997 RSS Feed Download PDF Download Text File Share this page on social...

VMSA-2013-0012:VMware vSphere updates address multiple vulnerabilities

VMSA-2013-0012.1 VMware vSphere updates address multiple vulnerabilities VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0012.1 VMware Security Advisory Synopsis: VMware vSphere updates address multiple vulnerabilities VMware Security Advisory Issue date: 2013-10-17 VMwar...

VMSA-2010-0018:VMware hosted products and ESX patches resolve multiple security issues

VMSA-2010-0018 VMware hosted products and ESX patches resolve multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0018 VMware Security Advisory Synopsis: VMware hosted products and ESX patches resolve multiple security issues VMware Security Advisory...

VMSA-2025-0007: VMware Tools update addresses an insecure file handling vulnerability (CVE-2025-22247)

Advisory ID: | VMSA-2025-0007 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 6.1 Synopsis: | VMware Tools update addresses an insecure file handling vulnerability CVE-2025-22247 Issue date: | 2025-05-12 Updated on: | 2025-05-12 Initial Advisory CVEs | CVE-2025-22247 1. Impacted Products...

VMware ESXi and ESX updates to third party library and ESX Service Console

a. ESX third party update for Service Console kernelThe ESX Service Console Operating System COS kernel is updated to kernel-2.6.18-274.3.1.el5 to fix multiple security issues in the COS kernel.The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2011-0726,...

VMware SD-WAN Edge and SD-WAN Orchestrator updates address multiple security vulnerabilities.

3a. Unauthenticated Command Injection vulnerability in SD-WAN Edge CVE-2024-22246 VMware SD-WAN Edge contains an unauthenticated command injection vulnerability potentially leading to remote code execution. VMware has evaluated the severity of this issue to be in the Important severity range with...

VMSA-2022-0022:VMware vRealize Operations contains multiple vulnerabilities

Advisory ID: VMSA-2022-0022 CVSSv3 Range: 5.6-7.2 Issue Date:2022-08-09 Updated On: 2022-08-09 Initial Advisory CVEs: CVE-2022-31672, CVE-2022-31673, CVE-2022-31674, CVE-2022-31675 Synopsis: VMware vRealize Operations contains multiple vulnerabilities RSS Feed Download PDF Download Text File Shar...

VMSA-2013-0016:VMware ESXi and ESX unauthorized file access through vCenter Server and ESX

VMSA-2013-0016 VMware ESXi and ESX unauthorized file access through vCenter Server and ESX VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0016 VMware Security Advisory Synopsis: VMware ESXi and ESX unauthorized file access through vCenter Server and ESX VMware Security...

VMSA-2024-0002:VMware Aria Operations for Networks (Formerly vRealize Network Insight) updates address multiple vulnerabilities

Advisory ID: VMSA-2024-0002 CVSSv3 Range: 4.3 - 7.8 Issue Date:2024-02-06 Updated On: 2024-02-06 Initial Advisory CVEs: CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241 Synopsis: VMware Aria Operations for Networks Formerly vRealize Network Insight updates address...

VMware vCenter Server updates address multiple security vulnerabilities

3a. vCenter Server file upload vulnerability CVE-2021-22005 The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.8. 3b. vCenter Server...

VMSA-2016-0014:VMware ESXi, Workstation, Fusion, and Tools updates address multiple security issues

VMSA-2016-0014.1 VMware ESXi, Workstation, Fusion, and Tools updates address multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0014.1 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware ESXi, Workstation, Fusion, an...

VMSA-2016-0001:VMware ESXi, Fusion, Player, and Workstation updates address HIGH guest privilege escalation vulnerability

VMSA-2016-0001 VMware ESXi, Fusion, Player, and Workstation updates address important guest privilege escalation vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0001 VMware Security Advisory Synopsis: VMware ESXi, Fusion, Player, and Workstation updates...

VMSA-2008-0014:Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX, VMware VCB address information disclosure, privilege escalation and other security issues.

VMSA-2008-0014.3 Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX, VMware VCB address information disclosure, privilege escalation and other security issues. VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0014.3 VMware Security...

VMSA-2022-0015:VMware Tools for Windows update addresses an XML External Entity (XXE) vulnerability

Advisory ID: VMSA-2022-0015 CVSSv3 Range: 5.8 Issue Date:2022-05-24 Updated On: 2022-05-24 Initial Advisory CVEs: CVE-2022-22977 Synopsis: VMware Tools for Windows update addresses an XML External Entity XXE vulnerability CVE-2022-22977 RSS Feed Download PDF Download Text File Share this page on...

VMSA-2008-0002:Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1.

VMSA-2008-0002.1 Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1. VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0002.1 VMware Security AdvisorySynopsis: Updated Tomcat and Java JRE packages for...

VMSA-2023-0026:VMware Cloud Director Appliance contains an authentication bypass vulnerability

Advisory ID: VMSA-2023-0026.1 CVSSv3 Range: 9.8 Issue Date:2023-11-14 Updated On: 2023-11-30 CVEs: CVE-2023-34060 Synopsis: VMware Cloud Director Appliance contains an authentication bypass vulnerability CVE-2023-34060. RSS Feed Download PDF Download Text File Share this page on social media: 1...

VMSA-2016-0020:vRealize Operations update addresses REST API deserialization vulnerability

VMSA-2016-0020 vRealize Operations update addresses REST API deserialization vulnerability. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0020 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: vRealize Operations update addresses REST API...

VMSA-2011-0006:VMware vmrun utility local privilege escalation

VMSA-2011-0006.1 VMware vmrun utility local privilege escalation VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0006.1 VMware Security Advisory Synopsis: VMware vmrun utility local privilege escalation VMware Security Advisory Issue date: 2011-03-29 VMware Security...

VMware Virtual Appliance updates address side-channel analysis due to speculative execution

a. VMware Virtual Appliance Mitigations for Bounds-Check bypass Spectre-1, and Rogue data cache load issues Meltdown CPU data cache timing can be abused to efficiently leak information out of mis-speculated CPU execution, leading to at worst arbitrary virtual memory read vulnerabilities across...

VMSA-2010-0004:ESX Service Console and vMA third party updates

VMSA-2010-0004.5 ESX Service Console and vMA third party updates VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0004.5 VMware Security Advisory Synopsis: ESX Service Console and vMA third party updates VMware Security Advisory Issue date: 2010-03-03 VMware Security...

VMSA-2008-0003:Updated aacraid driver and Samba and Python service console updates

VMSA-2008-0003.1 Updated aacraid driver and Samba and Python service console updates VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0003.1 VMware Security AdvisorySynopsis: Updated aacraid driver and Samba and Python service console updates VMware Security AdvisoryIssue...

VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK) (CVE-2019-11477, CVE-2019-11478)

3. Linux kernel vulnerabilities in TCP Selective Acknowledgement SACK CVE-2019-11477, CVE-2019-11478 CVE-2019-11477 - SACK Panic - A sequence of SACKs may be crafted such that one can trigger an integer overflow, leading to a kernel panic. VMware has evaluated the severity of this issue to be in...

AirWatch by VMware product update addresses information disclosure vulnerabilities

a. AirWatch by VMware information disclosure vulnerability AirWatch by VMware has direct object reference vulnerabilities. These issues may allow a user that manages an AirWatch deployment in a multi-tenant environment to view the organizational information and statistics of another tenant.AirWat...

VMSA-2022-0025:VMware ESXi and vCenter Server updates address multiple security vulnerabilities

Advisory ID: VMSA-2022-0025 CVSSv3 Range: 3.8-7.2 Issue Date:2022-10-06 Updated On: 2022-10-06 Initial Advisory CVEs: CVE-2022-31680, CVE-2022-31681 Synopsis: VMware ESXi and vCenter Server updates address multiple security vulnerabilities CVE-2022-31680, CVE-2022-31681 RSS Feed Download PDF...

VMware Response to Spring Framework Remote Code Execution Vulnerability (CVE-2022-22965)

IMPORTANT See the Notes section if prior to April 6, 3 PM PST you have updated TAS or Ops Manager or you have applied workarounds to TAS, Ops Manager or TKGi. 1. Impacted Products VMware Tanzu Application Service for VMs TAS VMware Tanzu Operations Manager Ops Manager VMware Tanzu Kubernetes Grid...

VMSA-2015-0004:VMware Workstation, Fusion and Horizon View Client updates address CRITICAL security issues

VMSA-2015-0004 VMware Workstation, Fusion and Horizon View Client updates address critical security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2015-0004 VMware Security Advisory Synopsis: VMware Workstation, Fusion and Horizon View Client updates address critical...

VMSA-2009-0010:VMware Hosted products update libpng and Apache HTTP Server

VMSA-2009-0010.1 VMware Hosted products update libpng and Apache HTTP Server VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2009-0010.1 VMware Security Advisory Synopsis: VMware Hosted products update libpng and Apache HTTP Server VMware Security Advisory Issue date: 2009-08-...

VMSA-2022-0005:VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability

Advisory ID: VMSA-2022-0005.2 CVSSv3 Range: 8.8 Issue Date:2022-02-15 Updated On: 2022-04-07 CVEs: CVE-2022-22945 Synopsis: VMware NSX Data Center for vSphere update addresses CLI shell injection vulnerability CVE-2022-22945 RSS Feed Download PDF Download Text File Share this page on social media...

VMSA-2015-0008:VMware product updates address information disclosure issue.

VMSA-2015-0008.2 VMware product updates address information disclosure issue. VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2015-0008.2 VMware Security AdvisorySynopsis: VMware product updates address information disclosure issue. VMware Security AdvisoryIssue date: 2015-11-1...

VMSA-2013-0015:VMware ESX updates to third party libraries

VMSA-2013-0015 VMware ESX updates to third party libraries VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0015 VMware Security Advisory Synopsis: VMware ESX updates to third party libraries VMware Security Advisory Issue date: 2013-12-05 VMware Security Advisory Updated...