548 matches found
VMware ESX third party updates for Service Console
a. Service Console update for samba The service console package samba is updated to version 3.0.9-1.3E.18. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the name CVE-2010-3069 to this issue. Column 4 of the following table lists the action required to remediate the...
VMware View 3.1.3 addresses an important cross-site scripting vulnerability
VMware View 3.1.3 addresses an cross-site scripting vulnerability in VMware View. In order for an attacker to exploit the vulnerability, the attacker would need to lure the user to click on the attacker's URL. VMware would like to thank Alexey Sintsov from Digital Security Research Group DSecRG f...
VMSA-2008-0012:Updated VirtualCenter addresses User Account Disclosure Vulnerability
VMSA-2008-0012 Updated VirtualCenter addresses User Account Disclosure Vulnerability VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2008-0012 VMware Security AdvisorySynopsis: Updated VirtualCenter addresses User Account Disclosure Vulnerability VMware Security AdvisoryIssue...
VMSA-2022-0031:VMware vRealize Network Insight (vRNI) updates address command injection and directory traversal security vulnerabilities
Advisory ID: VMSA-2022-0031 CVSSv3 Range: 7.5-9.8 Issue Date:2022-12-13 Updated On: 2022-12-13 Initial Advisory CVEs: CVE-2022-31702, CVE-2022-31703 Synopsis: VMware vRealize Network Insight vRNI updates address command injection and directory traversal security vulnerabilities CVE-2022-31702,...
VMSA-2022-0017:VMware HCX update addresses an information disclosure vulnerability
Advisory ID: VMSA-2022-0017 CVSSv3 Range: 2.7 Issue Date:2022-06-15 Updated On: 2022-06-15 Initial Advisory CVEs: CVE-2022-22953 Synopsis: VMware HCX update addresses an information disclosure vulnerability CVE-2022-22953 RSS Feed Download PDF Download Text File Share this page on social media: 1...
VMSA-2016-0017:VMware product updates address multiple information disclosure issues
VMSA-2016-0017 VMware product updates address multiple information disclosure issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0017 VMware Security Advisory Severity: Moderate VMware Security Advisory Synopsis: VMware product updates address multiple information...
VMware product updates address critical and important security issues
a. Critical JMX issue when deserializing authentication credentials...
VMware ESX updates to ESX Service Console
a. ESX third party update for Service Console kernelThe ESX Service Console Operating System COS kernel is updated which addresses several security issues in the COS kernel.The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2011-3191, CVE-2011-4348 and...
VMSA-2009-0011:VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0
VMSA-2009-0011 VMware Studio 2.0 addresses a security issue in the public beta version of Studio 2.0 VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2009-0011 VMware Security Advisory Synopsis: VMware Studio 2.0 addresses a security issue in the public beta version of Studio 2...
VMSA-2008-0017:Updated ESX packages for libxml2, ucd-snmp, libtiff
VMSA-2008-0017.2 Updated ESX packages for libxml2, ucd-snmp, libtiff VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2008-0017.2 VMware Security Advisory Synopsis: Updated ESX packages for libxml2, ucd-snmp, libtiff VMware Security Advisory Issue date: 2008-10-31 VMware Securi...
Updated service console patches.
I Service Console package security updates...
VMSA-2025-0008: VMware Aria automation updates address a DOM based Cross-site scripting vulnerability (CVE-2025-22249)
Advisory ID: | VMSA-2025-0008 ---|--- Advisory Severity: | Important CVSSv3 Range: | 8.2 Synopsis: | VMware Aria automation updates address a DOM based Cross-site scripting vulnerability CVE-2025-22249 Issue date: | 2025-05-12 Updated on: | 2025-05-12 CVEs | CVE-2025-22249 1. Impacted Products...
VMSA-2024-0010: VMware Workstation and Fusion updates address multiple security vulnerabilities (CVE-2024-22267, CVE-2024-22268, CVE-2024-22269, CVE-2024-22270)
Advisory ID: | VMSA-2024-0010 ---|--- Advisory Severity: | Critical CVSSv3 Range: | 7.1-9.3 Synopsis: | VMware Workstation and Fusion updates address multiple security vulnerabilities CVE-2024-22267, CVE-2024-22268, CVE-2024-22269, CVE-2024-22270 Issue date: | 2024-05-14 Updated on: | 2024-05-14...
VMSA-2020-0010:VMware Cloud Director updates address Code Injection Vulnerability
Advisory ID: VMSA-2020-0010 CVSSv3 Range: 8.8 Issue Date:2020-05-19 Updated On: 2020-05-19 Initial Advisory CVEs: CVE-2020-3956 Synopsis: VMware Cloud Director updates address Code Injection Vulnerability CVE-2020-3956 RSS Feed Download PDF Download Text File Share this page on social media: 1...
VMSA-2019-0007:VMware Workstation update addresses a DLL-hijacking issue
VMware Security Advisories Advisory ID| VMSA-2019-0007 ---|--- Advisory Severity| Moderate CVSSv3 Range| 6.0 Synopsis| VMware Workstation update addresses a DLL-hijacking issue CVE-2019-5526 Issue Date| 2019-05-14 Updated On| 2019-05-14 Initial Advisory CVEs| CVE-2019-5526 1. Impacted Products...
VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability
a. VMware VMCI privilege escalation VMware ESX, Workstation, Fusion, and View contain a vulnerability in the handling of control code in vmci.sys. A local malicious user may exploit this vulnerability to manipulate the memory allocation through the Virtual Machine Communication Interface VMCI cod...
VMSA-2024-0004:VMware Aria Operations updates address local privilege escalation vulnerability (CVE-2024-22235)
Advisory ID: | VMSA-2024-0004 ---|--- Advisory Severity: | Moderate CVSSv3 Range: | 6.7 Synopsis: | VMware Aria Operations updates address local privilege escalation vulnerability. CVE-2024-22235 Issue date: | 2024-02-20 Updated on: | 2024-02-20 Initial Advisory CVEs | CVE-2024-22235 1. Impacted...
VMSA-2023-0022:VMware Fusion and Workstation updates address privilege escalation and information disclosure vulnerabilities
Advisory ID: VMSA-2023-0022 CVSSv3 Range: 6.6-7.1 Issue Date:2023-10-19 Updated On: 2023-10-19 Initial Advisory CVEs: CVE-2023-34044, CVE-2023-34045, CVE-2023-34046 Synopsis: VMware Fusion and Workstation updates address privilege escalation and information disclosure vulnerabilities...
VMware Carbon Black App Control updates address an injection vulnerability (CVE-2023-20858)
3. Injection Vulnerability CVE-2023-20858 VMware Carbon Black App Control contains an injection vulnerability. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.1...
VMSA-2021-0006:VMware NSX-T updates address a privilege escalation vulnerability
Advisory ID: VMSA-2021-0006 CVSSv3 Range: 7.5 Issue Date:2021-04-19 Updated On: 2021-04-19 Initial Advisory CVEs: CVE-2021-21981 Synopsis: VMware NSX-T updates address a privilege escalation vulnerability CVE-2021-21981 RSS Feed Download PDF Download Text File Share this page on social media: 1...
VMware Horizon update addresses Connection Server information disclosure vulnerability.
Connection Server Information disclosure vulnerability The VMware Horizon Connection Server contains an information disclosure vulnerability. Successful exploitation of this issue may allow disclosure of internal domain names, the Connection Server’s internal name, or the gateway’s internal IP...
VMSA-2013-0014:VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation
VMSA-2013-0014 VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0014 VMware Security Advisory Synopsis: VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalati...
VMSA-2013-0001:VMware vSphere security updates for the authentication service and third party libraries
VMSA-2013-0001.5 VMware vSphere security updates for the authentication service and third party libraries VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2013-0001.5 VMware Security Advisory Synopsis: VMware vSphere security updates for the authentication service and third par...
VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues
a. VMware Tools Display Driver Privilege Escalation The VMware XPDM and WDDM display drivers contain buffer overflow vulnerabilities and the XPDM display driver does not properly check for NULL pointers. Exploitation of these issues may lead to local privilege escalation on Windows-based Guest...
VMSA-2023-0020:VMware Aria Operations updates address local privilege escalation vulnerability.
Advisory ID: VMSA-2023-0020 CVSSv3 Range: 6.7 Issue Date:2023-09-26 Updated On: 2023-09-26 Initial Advisory CVEs: CVE-2023-34043 Synopsis: VMware Aria Operations updates address local privilege escalation vulnerability. CVE-2023-34043 RSS Feed Download PDF Download Text File Share this page on...
VMSA-2021-0001:vSphere Replication updates address a command injection vulnerability
Advisory ID: VMSA-2021-0001 CVSSv3 Range: 7.2 Issue Date:2021-02-11 Updated On: 2021-02-11 Initial Advisory CVEs: CVE-2021-21976 Synopsis: vSphere Replication updates address a command injection vulnerability CVE-2021-21976 RSS Feed Download PDF Download Text File Share this page on social media:...
VMSA-2020-0015:VMware Cloud Foundation, ESXi, Workstation, and Fusion updates address multiple security vulnerabilities
Advisory ID: VMSA-2020-0015.2 CVSSv3 Range: 4.0 - 9.3 Issue Date:2020-06-23 Updated On: 2020-07-02 CVEs: CVE-2020-3962, CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3966, CVE-2020-3967, CVE-2020-3968, CVE-2020-3969, CVE-2020-3970, CVE-2020-3971 Synopsis: VMware Cloud Foundation, ESXi,...
VMware vCenter Server updates address sensitive information disclosure vulnerability in the VMware Directory Service (vmdir) (CVE-2020-3952)
3. VMware vCenter Server updates address sensitive information disclosure vulnerability in the VMware Directory Service vmdir CVE-2020-3952 Under certain conditions1 vmdir that ships with VMware vCenter Server, as part of an embedded or external Platform Services Controller PSC, does not correctl...
VMSA-2016-0003:VMware vRealize Automation and vRealize Business Advanced and Enterprise address Cross-Site Scripting (XSS) issues.
VMSA-2016-0003 VMware vRealize Automation and vRealize Business Advanced and Enterprise address Cross-Site Scripting XSS issues. VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2016-0003 VMware Security Advisory Synopsis: VMware vRealize Automation and vRealize Business Advanc...
VMSA-2014-0013:VMware vCloud Automation Center product updates address a CRITICAL remote privilege escalation vulnerability
VMSA-2014-0013 VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2014-0013 VMware Security Advisory Synopsis: VMware vCloud Automation Center product updates address a...
VMware vSphere product updates to third party libraries
a. vCenter Server Apache Struts Update The Apache Struts library is updated to address a security issue.This issue may lead to remote code execution after authentication.The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the identifier CVE-2014-0114 to this issue.Column 4...
VMware Workstation, Player, ESXi and ESX patches address critical security issues
a. VMware host memory overwrite vulnerability data pointersDue to a flaw in the handler function for RPC commands, it is possible to manipulate data pointers within the VMX process. This vulnerability may allow a guest user to crash the VMX process or potentially execute code on the host.Workarou...
VMSA-2012-0009:VMware Workstation, Player, ESXi and ESX patches address CRITICAL security issues
VMSA-2012-0009.2 VMware Workstation, Player, ESXi and ESX patches address critical security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2012-0009.2 VMware Security Advisory Synopsis: VMware Workstation, Player, ESXi and ESX patches address critical security issues...
VMSA-2012-0007:VMware hosted products and ESXi/ESX patches address privilege escalation
VMSA-2012-0007.1 VMware hosted products and ESXi/ESX patches address privilege escalation VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2012-0007.1 VMware Security Advisory Synopsis: VMware hosted products and ESXi/ESX patches address privilege escalation VMware Security...
VMSA-2010-0019:VMware ESX third party updates for Service Console
VMSA-2010-0019.3 VMware ESX third party updates for Service Console VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2010-0019.3 VMware Security Advisory Synopsis: VMware ESX third party updates for Service Console VMware Security Advisory Issue date: 2010-12-07 VMware Security...
ESX Service Console and vMA third party updates
a. vMA and Service Console update for newt to 0.52.2-12.el54.1 Newt is a programming library for color text mode, widget based user interfaces. Newt can be used to add stacked windows, entry widgets, checkboxes, radio buttons, labels, plain text fields, scrollbars, etc., to text mode user...
Updated aacraid driver and Samba and Python service console updates
I Updated ESX driver...
VMSA-2025-0003: VMware Aria Operations for Logs and VMware Aria Operations updates address multiple vulnerabilities (CVE-2025-22218, CVE-2025-22219, CVE-2025-22220, CVE-2025-22221 and CVE-2025-22222)
Advisory ID: | VMSA-2025-0003 ---|--- Advisory Severity: | Important CVSSv3 Range: | 5.2-8.5 Synopsis: | VMware Aria Operations for Logs and VMware Aria Operations updates address multiple vulnerabilities CVE-2025-22218, CVE-2025-22219, CVE-2025-22220, CVE-2025-22221, CVE-2025-22222 Issue date: |...
VMware Unified Access Gateway, Horizon View and Workstation updates resolve multiple security vulnerabilities
a. Unified Access Gateway and Horizon View heap buffer-overflow vulnerability VMware Unified Access Gateway and Horizon View contain a heap buffer-overflow vulnerability which may allow a remote attacker to execute code on the security gateway. VMware would like to thank Claudio Moletta redr2e fo...
VMSA-2015-0005:VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability
VMSA-2015-0005 VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability VMware Security Advisory VMware Security AdvisoryAdvisory ID: VMSA-2015-0005 VMware Security AdvisorySynopsis: VMware Workstation, Player and Horizon View Client...
VMware vSphere product updates address security vulnerabilities
a. VMware vCSA cross-site scripting vulnerabilityVMware vCenter Server Appliance vCSA contains a vulnerability that may allow for Cross Site Scripting. Exploitation of this vulnerability in vCenter Server requires tricking a user to click on a malicious link or to open a malicious web page. VMwar...
VMSA-2012-0003:VMware VirtualCenter Update and ESX 3.5 patch update JRE
VMSA-2012-0003.1 VMware VirtualCenter Update and ESX 3.5 patch update JRE VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2012-0003.1 VMware Security Advisory Synopsis: VMware VirtualCenter Update and ESX 3.5 patch update JRE VMware Security Advisory Issue date: 2012-03-08...
VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.
a. Service Location Protocol daemon DoSThis patch fixes a denial-of-service vulnerability in the Service Location Protocol daemon SLPD. Exploitation of this vulnerability could cause SLPD to consume significant CPU resources.VMware would like to thank Nicolas Gregoire and US CERT for reporting th...
VMware ESX third party updates for Service Console
a. Service Console update for cpioThe service console package cpio is updated to version 2.5-6.RHEL3 for ESX 3.x versions and updated to version 2.6-23.el54.1 for ESX 4.x versions. The Common Vulnerabilities and Exposures project cve.mitre.org has assigned the names CVE-2005-4268 and CVE-2010-062...
VMware Aria Operations for Networks updates address multiple vulnerabilities. (CVE-2023-20887, CVE-2023-20888, CVE-2023-20889)
3a. Aria Operations for Networks Command Injection Vulnerability CVE-2023-20887 Aria Operations for Networks contains a command injection vulnerability. VMware has evaluated the severity of this issue to be in the critical severity range with a maximum CVSSv3 base score of 9.8. 3b. Aria Operation...
VMSA-2022-0023:VMware Workstation update addresses an unprotected storage of credentials vulnerability
Advisory ID: VMSA-2022-0023 CVSSv3 Range: 5.7 Issue Date:2022-08-09 Updated On: 2022-08-09 Initial Advisory CVEs: CVE-2022-22983 Synopsis: VMware Workstation update addresses an unprotected storage of credentials vulnerability CVE-2022-22983 RSS Feed Download PDF Download Text File Share this pag...
VMware Workspace ONE Boxer update addresses a stored cross-site scripting (XSS) vulnerability (CVE-2022-22944)
3a. VMware Workspace ONE Boxer update addresses a stored cross-site scripting XSS vulnerability CVE-2022-22944 VMware Workspace ONE Boxer contains a stored cross-site scripting XSS vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum...
VMSA-2022-0001:VMware Workstation, Fusion and ESXi updates address a heap-overfLOW vulnerability
Advisory ID: VMSA-2022-0001.2 CVSSv3 Range: 7.7 Issue Date:2022-01-04 Updated On: 2022-02-14 CVEs: CVE-2021-22045 Synopsis: VMware Workstation, Fusion and ESXi updates address a heap-overflow vulnerability CVE-2021-22045 RSS Feed Download PDF Download Text File Share this page on social media: 1...
VMSA-2021-0024:VMware vRealize Operations Tenant App update addresses Information Disclosure Vulnerability
Advisory ID: VMSA-2021-0024 CVSSv3 Range: 5.3 Issue Date:2021-10-19 Updated On: 2021-10-19 CVEs: CVE-2021-22034 Synopsis: VMware vRealize Operations Tenant App update addresses Information Disclosure Vulnerability CVE-2021-22034 RSS Feed Download PDF Download Text File Share this page on social...
VMSA-2014-0001:VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues
VMSA-2014-0001 VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues VMware Security Advisory VMware Security Advisory Advisory ID: VMSA-2014-0001 VMware Security Advisory Synopsis: VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director addre...