• mehdi@mkvlab.at

VMSA-2025-0016 – VMware vCenter and NSX – Multiple Vulnerabilities

VMware by Broadcom has released VMware vCenter and NSX updates to address multiple vulnerabilities CVE-2025-41250, CVE-2025-41251, CVE-2025-41252. Multiple vulnerabilities in VMware vCenter and NSX were privately reported to Broadcom. Updates are available to remediate these vulnerabilities in affected Broadcom products. Impacted Products: CVE-2025-41250 | vCenter SMTP header injection vulnerability Description: VMware vCenter contains an SMTP header injection vulnerability. Broadcom has evaluated the severity of this […]

VMSA-2025-0015 – VMware Aria Operations and VMware Tools – Multiple Vulnerabilities

VMware by Broadcom has released VMware Aria Operations and VMware Tools updates to address multiple vulnerabilities CVE-2025-41244, CVE-2025-41245, CVE-2025-41246. Multiple vulnerabilities in VMware Aria Operations and VMware Tools were privately reported to Broadcom. Patches are available to remediate these vulnerabilities in affected Broadcom products. Impacted Products: CVE-2025-41244 | Local privilege escalation vulnerability Description: VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. Broadcom has evaluated […]

VMSA-2025-0012 – VMware NSX – Multiple Vulnerabilities

VMware by Broadcom has released VMware NSX updates to address multiple vulnerabilities CVE-2025-22243, CVE-2025-22244, CVE-2025-22245. Multiple vulnerabilities in VMware NSX were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products. Impacted Products: CVE-2025-22243 | Stored Cross-Site Scripting (XSS) vulnerability in Manager-UI Description: VMware NSX Manager UI is vulnerable to a stored Cross-Site Scripting (XSS) attack […]

VMSA-2025-0010 – VMware ESXi, vCenter Server, Workstation, and Fusion – Multiple Vulnerabilities

VMware by Broadcom has released VMware ESXi, vCenter Server, Workstation, and Fusion updates to address multiple vulnerabilities CVE-2025-41225, CVE-2025-41226, CVE-2025-41227, CVE-2025-41228. Multiple vulnerabilities in ESXi, vCenter Server, and Workstation were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products. Impacted Products: CVE-2025-41225 | VMware vCenter Server authenticated command-execution vulnerability Description: The vCenter Server contains an authenticated […]

VMSA-2025-0009 – VMware Cloud Foundation – Multiple Vulnerabilities

VMware by Broadcom has released VMware Cloud Foundation updates to address multiple vulnerabilities CVE-2025-41229, CVE-2025-41230, CVE-2025-41231. Multiple vulnerabilities in VMware Cloud Foundation were privately reported to VMware. Updates are available to remediate these vulnerabilities in affected VMware products. Impacted Products: CVE-2025-41229 | VMware Cloud Foundation Directory Traversal Vulnerability Description: VMware Cloud Foundation contains a directory traversal vulnerability. VMware has evaluated the severity of […]

VMSA-2024-0020 – VMware NSX – Multiple Vulnerabilities

VMware by Broadcom has released a VMware NSX update to address multiple vulnerabilities CVE-2024-38818, CVE-2024-38817, and CVE-2024-38815. Impacted Products: CVE-2024-38817 | VMware NSX command injection vulnerability Description: VMware NSX contains a command injection vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 6.7. A malicious actor with access to the NSX […]

VMSA-2024-0019 – VMware vCenter Server and VMware Cloud Foundation vulnerabilities

VMware has released a security advisory that addresses vulnerabilities CVE-2024-38812 and CVE-2024-38813. These vulnerabilities can allow for heap-overflow and privilege escalation attacks. VMware has published fixes for both vulnerabilities in VMware Cloud Foundation and vCenter Server. Impacted Products: CVE-2024-38812 | VMware vCenter Server heap-overflow vulnerability Description: The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. VMware […]