VMware Releases Security Update for multiple products (CVE-2021-22045)
CVE number = CVE-2021-22045 VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion
Read MoreVMware
VMware vCenter Server updates address arbitrary file read and SSRF vulnerabilities (CVE-2021-21980, CVE-2021-22049)
CVE numbers = CVE-2021-21980 and CVE-2021-22049 Multiple vulnerabilities in VMware vCenter Server were privately reported to VMware. Updates are available
Read MoreVMware Tanzu Application Service for VMs updates address a denial-of-service vulnerability (CVE-2021-22101)
CVE number – CVE-2021-22101 A denial-of-service vulnerability in one of the components of VMware Tanzu Application Service for VMs was observed.
Read MoreVMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)
A privilege escalation vulnerability in VMware Center Server was privately reported to VMware. Workarounds are available to remediate this vulnerability
Read MoreVMware vCenter Server local privilege escalation vulnerability (CVE-2021-21991)
CVE number = CVE-2021-21991 The VMware vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens.
Read MoreVMware vCenter Server file upload vulnerability (CVE-2021-22005)
CVE number = CVE-2021-22005 The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with
Read MoreVMware ESXi and vCenter Server security vulnerabilities (CVE-2021-21972, CVE-2021-21973, CVE-2021-21974)
CVE numbers – CVE-2021-21972, CVE-2021-21973, CVE-2021-21974 Multiple vulnerabilities in VMware ESXi and vSphere Client (HTML5) were privately reported to VMware. Updates
Read MorevSphere Replication updates address a command injection vulnerability (CVE-2021-21976)
vSphere Replication contains a post-authentication command injection vulnerability in “Startup Configuration” page. VMware has evaluated this issue to be ‘Important’ severity with
Read More
Ransom X Ransomware
Ransom X (AKA Defray777, Ransom.exx, or RansomExx) is a ransomware tool that has been observed in attacks against US government
Read More
VMware Workstation SetGuestInfo Null Pointer Dereference Denial-of-Service Vulnerability [CVE-2020-3999]
CVE Number – CVE-2020-3999 This vulnerability allows local attackers to create a denial-of-service condition on affected installations of VMware Workstation.
Read More