VMSA-2016-0006:VMware vCenter Server updates address an HIGH cross-site scripting issue

VMSA-2016-0006 VMware vCenter Server updates address an important cross-site scripting issue. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0006 VMware Security Advisory Synopsis: VMware vCenter Server updates address an important cross-site scripting issue VMware...

VMSA-2015-0006:VMware vCenter Server updates address a LDAP certificate validation issue

VMSA-2015-0006.1 VMware vCenter Server updates address a LDAP certificate validation issue VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2015-0006.1 VMware Security AdvisorySynopsis: VMware vCenter Server updates address a LDAP certificate validation issue VMware Security...

VMSA-2010-0013:VMware ESX third party updates for Service Console

VMSA-2010-0013.3 VMware ESX third party updates for Service Console VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0013.3 VMware Security Advisory Synopsis: VMware ESX third party updates for Service Console VMware Security Advisory Issue date: 2010-08-31 VMware Security...

Updated ESX packages for OpenSSL, net-snmp, perl

I Security Issuesa. OpenSSL Binaries UpdatedThis fix updates the third party OpenSSL library.The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2007-3108 and CVE-2007-5135 to the issues addressed by this update...

VMware Workspace ONE Launcher updates addresses privilege escalation vulnerability. (CVE-2023-34064)

3. Privilege Escalation Vulnerability Workspace ONE Launcher contains a Privilege Escalation Vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.3...

VMSA-2013-0010:VMware Workstation host privilege escalation vulnerability

VMSA-2013-0010 VMware Workstation host privilege escalation vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0010 VMware Security Advisory Synopsis: VMware Workstation host privilege escalation vulnerability VMware Security Advisory Issue date: 2013-08-22...

VMSA-2011-0005:VMware vCenter Orchestrator and Alive Enterprise remote code execution vulnerability

VMSA-2011-0005.3 VMware vCenter Orchestrator and Alive Enterprise remote code execution vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0005.3 VMware Security Advisory Synopsis: VMware vCenter Orchestrator and Alive Enterprise remote code execution...

VMSA-2008-0015:Updated ESXi and ESX 3.5 packages address CRITICAL security issue in openwsman

VMSA-2008-0015 Updated ESXi and ESX 3.5 packages address critical security issue in openwsman VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0015 VMware Security AdvisorySynopsis: Updated ESXi and ESX 3.5 packages address critical security issue in openwsman VMware Securi...

VMSA-2009-0001:ESX patches address an issue loading corrupt virtual disks and update Service Console packages

VMSA-2009-0001.1 ESX patches address an issue loading corrupt virtual disks and update Service Console packages VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2009-0001.1 VMware Security Advisory Synopsis: ESX patches address an issue loading corrupt virtual disks and update...

VMSA-2025-0015: VMware Aria Operations and VMware Tools updates address multiple vulnerabilities (CVE-2025-41244,CVE-2025-41245, CVE-2025-41246)

Advisory ID: | VMSA-2025-0015.1 ---|--- Advisory Severity: | Important CVSSv3 Range: | 4.9 -7.8 Synopsis: | VMware Aria Operations and VMware Tools updates address multiple vulnerabilities CVE-2025-41244,CVE-2025-41245, CVE-2025-41246 Issue date: | 2025-09-29 Updated on: | 2025-10-30 CVEs |...

VMSA-2023-0005:VMware vRealize Orchestrator update addresses an XML External Entity (XXE) vulnerability

Advisory ID: VMSA-2023-0005 CVSSv3 Range: 8.8 Issue Date:2023-02-21 Updated On: 2023-02-21 Initial Advisory CVEs: CVE-2023-20855 Synopsis: VMware vRealize Orchestrator update addresses an XML External Entity XXE vulnerability CVE-2023-20855 RSS Feed Download PDF Download Text File Share this page...

VMSA-2020-0008:VMware ESXi patches address Stored Cross-Site Scripting (XSS) vulnerability

Advisory ID: VMSA-2020-0008 CVSSv3 Range: 8.3 Issue Date:2020-04-28 Updated On: 2020-04-28 Initial Advisory CVEs: CVE-2020-3955 Synopsis: VMware ESXi patches address Stored Cross-Site Scripting XSS vulnerability CVE-2020-3955 RSS Feed Download PDF Download Text File Share this page on social medi...

VMware vSphere security updates for the authentication service and third party libraries

a. VMware vSphere client-side authentication memory corruption vulnerabilityVMware vCenter Server, vSphere Client, and ESX contain a vulnerability in the handling of the management authentication protocol. To exploit this vulnerability, an attacker must convince either vCenter Server, vSphere...

VMSA-2011-0001:VMware ESX third party updates for Service Console packages glibc, sudo, and openldap

VMSA-2011-0001.3 VMware ESX third party updates for Service Console packages glibc, sudo, and openldap VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0001.3 VMware Security Advisory Synopsis: VMware ESX third party updates for Service Console packages glibc, sudo, and...

Updated ESX service console packages for Samba and vmnix

I Service Console rpm updates a. Security Update to Service Console Kernel This fix upgrades service console kernel version to 2.4.21-57.EL. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2007-5001, CVE-2007-6151, CVE-2007-6206, CVE-2008-0007,...

VMSA-2023-0012:VMware Aria Operations for Networks updates address multiple vulnerabilities.

Advisory ID: VMSA-2023-0012.2 CVSSv3 Range: 8.8 - 9.8 Issue Date:2023-06-07 Updated On: 2023-06-20 CVEs: CVE-2023-20887, CVE-2023-20888, CVE-2023-20889 Synopsis: VMware Aria Operations for Networks updates address multiple vulnerabilities. CVE-2023-20887, CVE-2023-20888, CVE-2023-20889 RSS Feed...

VMSA-2022-0019:VMware vRealize Log Insight contains multiple stored cross-site scripting vulnerabilities

Advisory ID: VMSA-2022-0019 CVSSv3 Range: 3.9 Issue Date:2022-07-12 Updated On: 2022-07-12 Initial Advisory CVEs: CVE-2022-31654, CVE-2022-31655 Synopsis: VMware vRealize Log Insight contains multiple stored cross-site scripting vulnerabilities RSS Feed Download PDF Download Text File Share this...

VMSA-2021-0025:VMware vCenter Server updates address a privilege escalation vulnerability

Advisory ID: VMSA-2021-0025.6 CVSSv3 Range: 7.1 Issue Date:2021-11-10 Updated On: 2022-12-15 CVEs: CVE-2021-22048 Synopsis: VMware vCenter Server updates address a privilege escalation vulnerability CVE-2021-22048 RSS Feed Download PDF Download Text File Share this page on social media: 1...

VMware Workspace ONE UEM console patches address a denial of service vulnerability (CVE-2021-22029)

3. Advisory Details VMware Workspace ONE UEM REST API contains a denial of service vulnerability. VMware has evaluated this issue to be of 'Moderate' severity with a maximum CVSSv3 base score of 5.3...

VMware vRealize Operations updates address Server Side Request Forgery and Arbitrary File Write vulnerabilities (CVE-2021-21975, CVE-2021-21983)

3a. Server Side Request Forgery in vRealize Operations Manager API CVE-2021-21975 The vRealize Operations Manager API contains a Server Side Request Forgery. VMware has evaluated this issue to be of 'Important' severity with a maximum CVSSv3 base score of 8.6. 3b. Arbitrary file write vulnerabili...

VMware ESXi, Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities (CVE-2020-4004, CVE-2020-4005)

3a. Use-after-free vulnerability in XHCI USB controller CVE-2020-4004 VMware ESXi, Workstation, and Fusion contain a use-after-free vulnerability in the XHCI USB controller. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9....

VMware ESXi, Workstation, Fusion, VMware Remote Console and Horizon Client updates address multiple security vulnerabilities (CVE-2020-3957, CVE-2020-3958, CVE-2020-3959)

3a. Service opener - Time-of-check Time-of-use TOCTOU issue CVE-2020-3957 VMware Fusion, VMRC for Mac and Horizon Client for Mac contain a local privilege escalation vulnerability due to a Time-of-check Time-of-use TOCTOU issue in the service opener. VMware has evaluated the severity of this issu...

VMware vSphere updates to third party libraries

a. DDoS vulnerability in NTP third party libraries The NTP daemon has a DDoS vulnerability in the handling of the "monlist" command. An attacker may send a forged request to a vulnerable NTP server resulting in an amplified response to the intended target of the DDoS attack.MitigationMitigation f...

VMSA-2013-0011:VMware ESXi and ESX address an NFC Protocol Unhandled Exception

VMSA-2013-0011 VMware ESXi and ESX address an NFC Protocol Unhandled Exception VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0011 VMware Security Advisory Synopsis: VMware ESXi and ESX address an NFC Protocol Unhandled Exception VMware Security Advisory Issue date:...

VMware security updates for vCenter Server

a. vCenter Server AD anonymous LDAP binding credential by-passvCenter Server when deployed in an environment that uses Active Directory AD with anonymous LDAP binding enabled doesn't properly handle login credentials. In this environment, authenticating to vCenter Server with a valid user name an...

VMware View privilege escalation and cross-site scripting

a. VMware Virtual Desktop Display Driver Privilege EscalationThe VMware XPDM and WDDM display drivers contain buffer overflow vulnerabilities and the XPDM display driver does not properly check for NULL pointers. Exploitation of these issues may lead to local privilege escalation on View virtual...

VMSA-2011-0010:VMware ESX third party updates for Service Console packages glibc and dhcp

VMSA-2011-0010.3 VMware ESX third party updates for Service Console packages glibc and dhcp VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0010.3 VMware Security Advisory Synopsis: VMware ESX third party updates for Service Console packages glibc and dhcp VMware Security...

VMSA-2009-0003:ESX 2.5.5 patch 12 updates service console packag ed

VMSA-2009-0003 ESX 2.5.5 patch 12 updates service console packag ed VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2009-0003 VMware Security Advisory Synopsis: ESX 2.5.5 patch 12 updates service console packag ed VMware Security Advisory Issue date: 2009-01-26 VMware Security...

VMSA-2025-0013: VMware ESXi, Workstation, Fusion, and Tools updates address multiple vulnerabilities (CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239)

Advisory ID: | VMSA-2025-0013 ---|--- Advisory Severity: | Critical CVSSv3 Range: | 6.2-9.3 Synopsis: | VMware ESXi, Workstation, Fusion, and Tools updates address multiple vulnerabilities CVE-2025-41236, CVE-2025-41237, CVE-2025-41238, CVE-2025-41239 Issue date: | 2025-07-15 Updated on: |...

VMSA-2022-0032:VMware Workspace ONE Access and Identity Manager updates address multiple vulnerabilities

Advisory ID: VMSA-2022-0032 CVSSv3 Range: 5.3-7.2 Issue Date:2022-12-13 Updated On: 2022-12-13 Initial Advisory CVEs: CVE-2022-31700, CVE-2022-31701 Synopsis: VMware Workspace ONE Access and Identity Manager updates address multiple vulnerabilities CVE-2022-31700, CVE-2022-31701. RSS Feed Downloa...

VMSA-2019-0006:VMware ESXi, Workstation and Fusion updates address multiple out-of-bounds read vulnerabilities

VMSA-2019-0006 VMware ESXi, Workstation and Fusion updates address multiple out-of-bounds read vulnerabilities. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2019-0006 VMware Security Advisory Severity: Important VMware Security Advisory Synopsis: VMware ESXi, Workstation an...

VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues

a. VMware ESXi, Workstation, Player, and Fusion host privilege escalation vulnerability VMware ESXi, Workstation, Player and Fusion contain an arbitrary file write issue. Exploitation this issue may allow for privilege escalation on the host. The vulnerability does not allow for privilege...

VMSA-2011-0014:VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability

VMSA-2011-0014 VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2011-0014 VMware Security Advisory Synopsis: VMware vCenter Update Manager fix for Jetty Web server addresses...

VMSA-2010-0005:VMware products address vulnerabilities in WebAccess

VMSA-2010-0005 VMware products address vulnerabilities in WebAccess VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0005 VMware Security Advisory Synopsis: VMware products address vulnerabilities in WebAccess VMware Security Advisory Issue date: 2010-03-29 VMware Security...

VMSA-2010-0003:VMSA-2010-0003.1 ESX Service Console update for net-snmp

VMSA-2010-0003.1 VMSA-2010-0003.1 ESX Service Console update for net-snmp VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0003.1 VMware Security Advisory Synopsis: VMSA-2010-0003.1 ESX Service Console update for net-snmp VMware Security Advisory Issue date: 2010-02-16...

Updated ESXi and ESX 3.5 packages address critical security issue in openwsman

a. Updated Openwsman Openwsman is a system management platform that implements the Web Services Management protocol WS-Management. It is installed and running by default. It is used in the VMware Management Service Console and in ESXi. The openwsman 2.0.0 management service on ESX 3.5 and ESXi 3....

VMSA-2022-0027:VMware Cloud Foundation updates address multiple vulnerabilities

Advisory ID: VMSA-2022-0027.2 CVSSv3 Range: 5.3-9.8 Issue Date:2022-10-25 Updated On: 2023-03-09 CVEs: CVE-2021-39144, CVE-2022-31678 Synopsis: VMware Cloud Foundation updates address multiple vulnerabilities. RSS Feed Download PDF Download Text File Share this page on social media: 1. Impacted...

VMSA-2019-0004:VMware vCloud Director for Service Providers update resolves a Remote Session Hijack vulnerability

VMSA-2019-0004 VMware vCloud Director for Service Providers update resolves a Remote Session Hijack vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2019-0004 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware vCloud Director for...

VMSA-2019-0005:VMware ESXi, Workstation and Fusion updates address multiple security issues.

VMSA-2019-0005.1 VMware ESXi, Workstation and Fusion updates address multiple security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2019-0005 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: VMware ESXi, Workstation and Fusion updates...

VMSA-2016-0016:vRealize Operations (vROps) updates address privilege escalation vulnerability

VMSA-2016-0016.1 vRealize Operations vROps updates address privilege escalation vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0016.1 VMware Security Advisory Severity: Critical VMware Security Advisory Synopsis: vRealize Operations vROps updates address...

VMSA-2010-0011:VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0.

VMSA-2010-0011 VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0011 VMware Security Advisory Synopsis: VMware Studio 2.1 addresses security vulnerabilities in virtual...

VMSA-2024-0013:VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2024-37085, CVE-2024-37086, CVE-2024-37087)

Advisory ID: | VMSA-2024-0013.2 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 5.3-6.8 Synopsis: | VMware ESXi and vCenter Server updates address multiple vulnerabilities CVE-2024-37085, CVE-2024-37086, CVE-2024-37087 Issue date: | 2024-06-25 Updated on: | 2024-08-12 CVEs | CVE-2024-37085,...

VMSA-2023-0010:NSX-T update addresses cross-site scripting vulnerability

Advisory ID: VMSA-2023-0010 CVSSv3 Range: 4.3 Issue Date:2023-05-23 Updated On: 2023-05-23 Initial Advisory CVEs: CVE-2023-20868 Synopsis: NSX-T update addresses cross-site scripting vulnerability CVE-2023-20868 RSS Feed Download PDF Download Text File Share this page on social media: 1. Impacted...

VMSA-2020-0003:vRealize Operations for Horizon Adapter updates address multiple security vulnerabilities

Advisory ID: VMSA-2020-0003 CVSSv3 Range: 5.3-9.0 Issue Date:2020-02-18 Updated On: 2020-02-18 Initial Advisory CVEs: CVE-2020-3943, CVE-2020-3944, CVE-2020-3945 Synopsis: vRealize Operations for Horizon Adapter updates address multiple security vulnerabilities CVE-2020-3943, CVE-2020-3944,...

VMSA-2016-0004:VMware product updates address a CRITICAL security issue in the VMware Client Integration Plugin

VMSA-2016-0004 VMware product updates address a critical security issue in the VMware Client Integration Plugin VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0004 VMware Security Advisory Synopsis: VMware product updates address a critical security issue in the VMware...

VMware ESX third party updates for Service Console

a. Service Console update for samba The service console package samba is updated to version 3.0.9-1.3E.18. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2010-3069 to this issue. Column 4 of the following table lists the action required to remediate the...

VMSA-2008-0012:Updated VirtualCenter addresses User Account Disclosure Vulnerability

VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0012 VMware Security AdvisorySynopsis: Updated VirtualCenter addresses User Account Disclosure Vulnerability VMware Security AdvisoryIssue...

Updated service console patches.

I Service Console package security updates...

VMSA-2023-0009:VMware Aria Operations update addresses multiple Local Privilege Escalations and a Deserialization issue

Advisory ID: VMSA-2023-0009 CVSSv3 Range: 6.4-8.8 Issue Date:2023-05-11 Updated On: 2023-05-11 Initial Advisory CVEs: CVE-2023-20877, CVE-2023-20878, CVE-2023-20879, CVE-2023-20880 Synopsis: VMware Aria Operations update addresses multiple Local Privilege Escalations and a Deserialization issue...

VMSA-2021-0022:VMware vRealize Log Insight updates address CSV injection vulnerability

Advisory ID: VMSA-2021-0022 CVSSv3 Range: 6.5 Issue Date:2021-10-12 Updated On: 2021-10-12 Initial Advisory CVEs: CVE-2021-22035 Synopsis: VMware vRealize Log Insight updates address CSV injection vulnerability CVE-2021-22035 RSS Feed Download PDF Download Text File Share this page on social medi...