VMware Archives

Vulnerabilities

Vulnerabilities Patched by Ivanti, VMware, Zoom

Ivanti, VMware, and Zoom released fixes for dozens of vulnerabilities in their products on April 2025 Patch Tuesday.

Ionut ArghireApril 9, 2025

Vulnerabilities

VMware Patches Authentication Bypass Flaw in Windows Tools Suite

The authentication bypass vulnerability, tagged as CVE-2025-22230, carries a CVSS severity score of 7.8/10.

SecurityWeek NewsMarch 25, 2025

Vulnerabilities

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks

Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days.

Eduard KovacsMarch 6, 2025

Vulnerabilities

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild

Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation.

Eduard KovacsMarch 4, 2025

Malware & Threats

VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products

VMware calls attention to patches for multiple 'high-risk' security defects in its Aria Operations and Aria Operations for Logs products.

Ryan NaraineJanuary 30, 2025

Malware & Threats

VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer

VMware warns that a malicious user with network access may be able to use specially crafted SQL queries to gain database access.

Ryan NaraineJanuary 28, 2025

Malware & Threats

VMware Patches High-Severity Vulnerabilities in Aria Operations

The company warns that malicious hackers can craft exploits to elevate privileges or launch cross-site scripting attacks.

Ryan NaraineNovember 26, 2024

Malware & Threats

VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw

The saga of VMWare’s critical CVE-2024-38812 vCenter Server bug has reached the “exploitation detected” stage.

Ryan NaraineNovember 18, 2024

Vulnerabilities

VMware Struggles to Fix Flaw Exploited at Chinese Hacking Contest

For the second time in as many months, VMware patches a remote code execution vulnerability first exploited at a Chinese hacking contest in June.

Ryan NaraineOctober 21, 2024

Vulnerabilities

VMware Patches High-Severity SQL Injection Flaw in HCX Platform

VMware patches CVE-2024-38814 and warns that attackers with non-administrator privileges can execute remote code on the HCX manager.

Ryan NaraineOctober 16, 2024

Vulnerabilities

VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest

VMware warned that an attacker with network access could send a specially crafted packet to execute remote code. CVSS severity score 9.8/10.

Ryan NaraineSeptember 17, 2024

Vulnerabilities

VMware Patches High-Severity Code Execution Flaw in Fusion

VMware rolls out patch for a high-severity code execution vulnerability in the Fusion hypervisor.

Ionut ArghireSeptember 3, 2024

SECURITYWEEK NETWORK:

ICS:

All posts tagged "VMware"

Vulnerabilities

Vulnerabilities Patched by Ivanti, VMware, Zoom

Vulnerabilities

VMware Patches Authentication Bypass Flaw in Windows Tools Suite

Vulnerabilities

Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks

Vulnerabilities

Broadcom Patches 3 VMware Zero-Days Exploited in the Wild

Malware & Threats

VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products

Malware & Threats

VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer

Malware & Threats

VMware Patches High-Severity Vulnerabilities in Aria Operations

Malware & Threats

VMware Discloses Exploitation of Hard-to-Fix vCenter Server Flaw

Vulnerabilities

VMware Struggles to Fix Flaw Exploited at Chinese Hacking Contest

Vulnerabilities

VMware Patches High-Severity SQL Injection Flaw in HCX Platform

Vulnerabilities

VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest

Vulnerabilities

VMware Patches High-Severity Code Execution Flaw in Fusion

Featured

Vulnerabilities

SAP Zero-Day Possibly Exploited by Initial Access Broker

Data Breaches

5.5 Million Patients Affected by Data Breach at Yale New Haven Health

Cybercrime

Cyberattack Hits British Retailer Marks & Spencer

Data Breaches

Korean Telco Giant SK Telecom Hacked

Data Breaches

Microsoft Purges Dormant Azure Tenants, Rotates Keys to Prevent Repeat Nation-State Hack

Artificial Intelligence

The Shadow AI Surge: Study Finds 50% of Workers Use Unapproved AI Tools

Vulnerabilities

Fresh Windows NTLM Vulnerability Exploited in Attacks

Latest News

CISO Strategy

Cynomi Raises $37 Million Series B to Expand Its vCISO Platform

Cybersecurity Funding

Browser Security Firm SquareX Raises $20 Million

CISO Strategy

Former Google Cloud CISO Phil Venables Joins Ballistic Ventures

Artificial Intelligence

Lattica Emerges From Stealth With FHE Platform for AI

Threat Intelligence

M-Trends 2025: State-Sponsored IT Workers Emerge as Global Threat

Risk Management

Inside the Verizon 2025 DBIR: Five Trends That Signal a Shift in the Cyber Threat Economy

Cybersecurity Funding

Scamnetic Raises $13 Million to Prevent Scams in Real Time

Daily Briefing Newsletter