• mehdi@mkvlab.at
June 4, 2025

VMSA-2025-0012 – VMware NSX – Multiple Vulnerabilities

VMware by Broadcom has released VMware NSX updates to address multiple vulnerabilities CVE-2025-22243, CVE-2025-22244, CVE-2025-22245. Multiple vulnerabilities in VMware NSX were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products. Impacted Products CVE-2025-22243 | Stored Cross-Site Scripting (XSS) vulnerability in Manager-UI Description:VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack […]

Security 0
March 9, 2025

VMSA-2025-0004 – VMware ESXi, Workstation, and Fusion multiple Vulnerability

VMware by Broadcom has released VMware ESXi, Workstation, and Fusion updates to address multiple vulnerabilities CVE-2025-22224, CVE-2025-22225, and CVE-2025-22226. Impacted Products: CVE-2025-22224 | VMCI heap-overflow vulnerability Description: VMware ESXi, and Workstation contain a TOCTOU (Time-of-Check Time-of-Use) vulnerability that leads to an out-of-bounds write. VMware has evaluated the severity of this issue to be in the Critical severity range with a maximum CVSSv3 base score of 9.3. […]

Security 0
October 27, 2024

Critical zero-day vulnerability in FortiManager is actively exploited – CVE-2024-47575

A missing authentication for critical function vulnerability tracked as CVE-2024-47575 in FortiManager fgfmd daemon may allow a remote unauthenticated attacker to execute arbitrary code or commands via specially crafted requests. Reports have shown this vulnerability to be exploited in the wild. The company privately warned FortiManager customers about the flaw starting October 13th in advanced notification emails seen by BleepingComputer […]

Fortinet 0
February 7, 2024

VMSA-2024-0002 – VMware Aria Operations for Networks – multiple vulnerabilities

Multiple vulnerabilities in Aria Operations for Networks were responsibly reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products. CVE(s): CVE-2024-22237, CVE-2024-22238, CVE-2024-22239, CVE-2024-22240, CVE-2024-22241 Impacted Products: VMware Aria Operations for Networks (formerly vRealize Network Insight) Description: Aria Operations for Networks contains a local privilege escalation vulnerability. VMware has evaluated the severity of this issue to be […]

Security 0
November 15, 2023

Exchange Server Security Updates – November 2023

Microsoft released several SUs for Microsoft Exchange Server 2016, 2019 addressing found vulnerabilities in these products. Microsoft encourages customers to apply SU due to the critical nature of these vulnerabilities. Exchange Online customers are already protected from the vulnerabilities addressed by these SUs and do not need to take any action. Microsoft has released Security Updates for vulnerabilities found in: […]

Microsoft 0
March 7, 2021

Exchange Servers 0-day exploits -HAFNIUM-

On March 2, 2021 Microsoft has released several security update for Microsoft Exchange Server to address the vulnerabilities that has beed exposed targeting on-premises version of Exchange server. Microsoft has categorised this as a critical vulnerabilities and recommended the update the Exchange Server as soon as possible. The Exchange versions affected are:  NOTE: Exchange Online is not affected. also Microsoft Exchange Server 2010 […]

Microsoft 1

Categories

vExpert Badge

Consulting

I am available for remote consulting and support.

Click here for Resume Download

Archives

Recent Posts