• mehdi@mkvlab.at
June 4, 2025

VMSA-2025-0012 – VMware NSX – Multiple Vulnerabilities

VMware by Broadcom has released VMware NSX updates to address multiple vulnerabilities CVE-2025-22243, CVE-2025-22244, CVE-2025-22245. Multiple vulnerabilities in VMware NSX were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products. Impacted Products CVE-2025-22243 | Stored Cross-Site Scripting (XSS) vulnerability in Manager-UI Description:VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack […]

Security 0
May 26, 2025

VMSA-2025-0011 – VMware Avi Load Balancer – SQL Injection Vulnerability

VMware by Broadcom addresses VMware Avi Load Balancer an authenticated blind SQL Injection vulnerability CVE-2025-41233. Avi Load Balancer contains an authenticated blind SQL Injection vulnerability, which was privately reported to VMware. Patches are available to remediate this vulnerability in affected VMware products. An authenticated malicious user with network access may be able to use specially crafted SQL queries to gain […]

Security 0
May 21, 2025

VMSA-2025-0010 – VMware ESXi, vCenter Server, Workstation, and Fusion – Multiple Vulnerabilities

VMware by Broadcom has released VMware ESXi, vCenter Server, Workstation, and Fusion updates to address multiple vulnerabilities CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228. Multiple vulnerabilities in ESXi, vCenter Server, and Workstation were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products. Impacted Products CVE-2025-41225 | VMware vCenter Server authenticated command-execution vulnerability Description:The vCenter Server contains an authenticated […]

Security 0
May 21, 2025

VMSA-2025-0009 – VMware Cloud Foundation – Multiple Vulnerabilities

VMware by Broadcom has released VMware Cloud Foundation updates to address multiple vulnerabilities CVE-2025-41229, CVE-2025-41230, CVE-2025-41231. Multiple vulnerabilities in VMware Cloud Foundation were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products. Impacted Products: CVE-2025-41229 | VMware Cloud Foundation Directory Traversal Vulnerability Description:VMware Cloud Foundation contains a directory traversal vulnerability. VMware has evaluated the severity of […]

Security 0
March 9, 2025

VMSA-2025-0004 – VMware ESXi, Workstation, and Fusion multiple Vulnerability

VMware by Broadcom has released VMware ESXi, Workstation, and Fusion updates to address multiple vulnerabilities CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226. Impacted Products: CVE-2025-22224 | VMCI heap-overflow vulnerability Description: VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.3. […]

Security 0
November 13, 2024

Understanding VMware’s New Licensing Model: VCF, VVF, and More

In November 2024, VMware, under Broadcom’s leadership, updated its licensing portfolio, aiming to streamline offerings and align with evolving customer needs, and added a new product suite. we will take a look at each of them briefly. Revised Licensing Categories VMware’s product suite is now organized into four primary categories: Transition to Subscription-Based Licensing Aligning with industry trends, VMware has […]

VMware 0
November 10, 2024

VMware Explore 2024 Barcelona – My Favorite Sessions

The annual VMware Explore event in Barcelona never disappoints, and 2024 was no exception! With so many exciting sessions covering cutting-edge developments in virtualization, cloud, and networking, choosing a handful of favorites is no easy task. However, a few sessions stood out to me for their insights, innovation, and potential to transform how we approach modern IT challenges. Here are […]

VMware 0
October 9, 2024

VMSA-2024-0020 – VMware NSX – Multiple Vulnerabilities

VMware by Broadcom has released a VMware NSX update to address multiple vulnerabilities CVE-2024-38818, CVE-2024-38817, and CVE-2024-38815. Impacted Products: CVE-2024-38817 | VMware NSX command injection vulnerability Description:VMware NSX contains a command injection vulnerability.  VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.7. A malicious actor with access to the NSX […]

Security 0
September 21, 2024

VMSA-2024-0019 – VMware vCenter Server and VMware Cloud Foundation vulnerabilities

VMware has released a security advisory that addresses vulnerabilities CVE-2024-38812 and CVE-2024-38813. These vulnerabilities can allow for heap-overflow and privilege escalation attacks. VMware has published fixes for both vulnerabilities in VMware Cloud Foundation and vCenter Server. Impacted Products: CVE-2024-38812 | VMware vCenter Server heap-overflow vulnerability Description:The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. VMware […]

Security 0
September 3, 2024

Redeploy NSX Edge Trasport Node using API

In this post, we will redeploy the NSX Edge Transport Node using the NSX Manager API call where you can easily and quickly redeploy your edge node. I am in a situation, where my nodes are not responding as I am constantly testing things in my Lab, so I wanted to share how you can do that in your production […]

VMware 0

Categories

vExpert Badge

Consulting

I am available for remote consulting and support.

Click here for Resume Download

Archives

Recent Posts