VMware patches flaws that expose users to data leakage, command execution and denial-of-service attacks. No temporary workarounds available.
The post NATO-Flagged Vulnerability Tops Latest VMware Security Patch Batch appeared first on SecurityWeek.
Vulnerabilities Patched by Juniper, VMware and Zoom
Juniper Networks, VMware, and Zoom have announced patches for dozens of vulnerabilities across their products.
The post Vulnerabilities Patched by Juniper, VMware and Zoom appeared first on SecurityWeek.
VMware Patches Authentication Bypass Flaw in Windows Tools Suite
The authentication bypass vulnerability, tagged as CVE-2025-22230, carries a CVSS severity score of 7.8/10.
The post VMware Patches Authentication Bypass Flaw in Windows Tools Suite appeared first on SecurityWeek.
Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks
Scans show that tens of thousands of VMware ESXi instances are affected by CVE-2025-22224 and other vulnerabilities disclosed recently as zero-days.
The post Exploited VMware ESXi Flaws Put Many at Risk of Ransomware, Other Attacks appeared first on SecurityWeek.
Broadcom Patches 3 VMware Zero-Days Exploited in the Wild
Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation.
The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek.
VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products
VMWare calls attention to patches for multiple ‘high-risk’ security defects in its Aria Operations and Aria Operations for Logs products.
The post VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products appeared first on SecurityWeek.
VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer
VMware warns that a malicious user with network access may be able to use specially crafted SQL queries to gain database access.
The post VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer appeared first on SecurityWeek.
VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest
VMware warned that an attacker with network access could send a specially crafted packet to execute remote code. CVSS severity score 9.8/10.
The post VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest appeared first on SecurityWeek.
VMware Patches High-Severity Code Execution Flaw in Fusion
VMware rolls out patch for a high-severity code execution vulnerability in the Fusion hypervisor.
The post VMware Patches High-Severity Code Execution Flaw in Fusion appeared first on SecurityWeek.
Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances
Shadowserver has observed over 20,000 internet-accessible VMware ESXi instances impacted by an exploited vulnerability.
The post Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances appeared first on SecurityWeek.