Broadcom patched VMware zero-days CVE-2025-22224, CVE-2025-22225 and CVE-2025-22226 after Microsoft warned it of exploitation.
The post Broadcom Patches 3 VMware Zero-Days Exploited in the Wild appeared first on SecurityWeek.
VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products
VMWare calls attention to patches for multiple ‘high-risk’ security defects in its Aria Operations and Aria Operations for Logs products.
The post VMware Patches High-Risk Flaws in Oft-Targeted Aria Operations Products appeared first on SecurityWeek.
VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer
VMware warns that a malicious user with network access may be able to use specially crafted SQL queries to gain database access.
The post VMware Warns of High-Risk Blind SQL Injection Bug in Avi Load Balancer appeared first on SecurityWeek.
VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest
VMware warned that an attacker with network access could send a specially crafted packet to execute remote code. CVSS severity score 9.8/10.
The post VMware Patches Remote Code Execution Flaw Found in Chinese Hacking Contest appeared first on SecurityWeek.
VMware Patches High-Severity Code Execution Flaw in Fusion
VMware rolls out patch for a high-severity code execution vulnerability in the Fusion hypervisor.
The post VMware Patches High-Severity Code Execution Flaw in Fusion appeared first on SecurityWeek.
Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances
Shadowserver has observed over 20,000 internet-accessible VMware ESXi instances impacted by an exploited vulnerability.
The post Exploited Vulnerability Could Impact 20k Internet-Exposed VMware ESXi Instances appeared first on SecurityWeek.
Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw
VMware did not mention in-the-wild exploitation for CVE-2024-37085 but Microsoft says ransomware gangs are abusing the just-patched flaw.
The post Microsoft Says Ransomware Gangs Exploiting Just-Patched VMware ESXi Flaw appeared first on SecurityWeek.
VMware Patches Critical SQL-Injection Flaw in Aria Automation
VMware warns that authenticated malicious users could enter specially crafted SQL queries and perform unauthorized read/write operations in the database.
The post VMware Patches Critical SQL-Injection Flaw in Aria Automation appeared first on SecurityWeek.
Critical Code Execution Vulnerabilities Patched in VMware vCenter Server
Serious vulnerabilities that can allow remote code execution and privilege escalation have been patched in VMware vCenter Server.
The post Critical Code Execution Vulnerabilities Patched in VMware vCenter Server appeared first on SecurityWeek.
VMware Abused in Recent MITRE Hack for Persistence, Evasion
MITRE has shared information on how China-linked hackers abused VMware for persistence and detection evasion in the recent hack.
The post VMware Abused in Recent MITRE Hack for Persistence, Evasion appeared first on SecurityWeek.