• mehdi@mkvlab.at
May 21, 2025

VMSA-2025-0010 – VMware ESXi, vCenter Server, Workstation, and Fusion – Multiple Vulnerabilities

VMware by Broadcom has released VMware ESXi, vCenter Server, Workstation, and Fusion updates to address multiple vulnerabilities CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228. Multiple vulnerabilities in ESXi, vCenter Server, and Workstation were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products. Impacted Products CVE-2025-41225 | VMware vCenter Server authenticated command-execution vulnerability Description:The vCenter Server contains an authenticated […]

Security 0
October 9, 2024

VMSA-2024-0020 – VMware NSX – Multiple Vulnerabilities

VMware by Broadcom has released a VMware NSX update to address multiple vulnerabilities CVE-2024-38818, CVE-2024-38817, and CVE-2024-38815. Impacted Products: CVE-2024-38817 | VMware NSX command injection vulnerability Description:VMware NSX contains a command injection vulnerability.  VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.7. A malicious actor with access to the NSX […]

Security 0
September 21, 2024

VMSA-2024-0019 – VMware vCenter Server and VMware Cloud Foundation vulnerabilities

VMware has released a security advisory that addresses vulnerabilities CVE-2024-38812 and CVE-2024-38813. These vulnerabilities can allow for heap-overflow and privilege escalation attacks. VMware has published fixes for both vulnerabilities in VMware Cloud Foundation and vCenter Server. Impacted Products: CVE-2024-38812 | VMware vCenter Server heap-overflow vulnerability Description:The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. VMware […]

Security 0
June 22, 2024

VMSA-2024-0012 – VMware vCenter Server – Multiple Vulnerabilities

VMware has addressed several critical vulnerabilities CVE-2024-37079, CVE-2024-37080, and CVE-2024-37081 in the vCenter Server that could allow remote code execution (RCE) or privilege escalation. Updates are available to remediate these vulnerabilities in affected VMware products. Impacted Products:VMware Cloud FoundationVMware vCenter Server CVE-2024-37079 & CVE-2024-37080 – Multiple heap overflow vulnerabilities with the DCERPC protocol. The severity of this vulnerability has the maximum […]

Security 0

Categories

vExpert Badge

Consulting

I am available for remote consulting and support.

Click here for Resume Download

Archives

Recent Posts