Multiple vulnerabilities in VMware Carbon Black App Control [CVE-2022-22951 and CVE-2022-22952]

CVE numbers – CVE-2022-22951 and CVE-2022-22952 Multiple vulnerabilities in VMware Carbon Black App Control were privately reported to VMware. Updates are available to remediate

Read more

VMware Releases Security Update for multiple products (CVE-2021-22045)

CVE number = CVE-2021-22045 VMware ESXi (7.0, 6.7 before ESXi670-202111101-SG and 6.5 before ESXi650-202110101-SG), VMware Workstation (16.2.0) and VMware Fusion

Read more

VMware vCenter Server updates address arbitrary file read and SSRF vulnerabilities (CVE-2021-21980, CVE-2021-22049)

CVE numbers = CVE-2021-21980 and CVE-2021-22049 Multiple vulnerabilities in VMware vCenter Server were privately reported to VMware. Updates are available

Read more

VMware Tanzu Application Service for VMs updates address a denial-of-service vulnerability (CVE-2021-22101)

CVE number – CVE-2021-22101 A denial-of-service vulnerability in one of the components of VMware Tanzu Application Service for VMs was observed.

Read more

VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)

A privilege escalation vulnerability in VMware Center Server was privately reported to VMware. Workarounds are available to remediate this vulnerability

Read more

VMware vCenter Server local privilege escalation vulnerability (CVE-2021-21991)

CVE number = CVE-2021-21991 The VMware vCenter Server contains a local privilege escalation vulnerability due to the way it handles session tokens. 

Read more

VMware vCenter Server file upload vulnerability (CVE-2021-22005)

CVE number = CVE-2021-22005 The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with

Read more

VMware ESXi and vCenter Server security vulnerabilities (CVE-2021-21972, CVE-2021-21973, CVE-2021-21974)

CVE numbers – CVE-2021-21972, CVE-2021-21973, CVE-2021-21974 Multiple vulnerabilities in VMware ESXi and vSphere Client (HTML5) were privately reported to VMware. Updates

Read more

vSphere Replication updates address a command injection vulnerability (CVE-2021-21976)

vSphere Replication contains a post-authentication command injection vulnerability in “Startup Configuration” page. VMware has evaluated this issue to be ‘Important’ severity with

Read more

Ransom X Ransomware

Ransom X (AKA Defray777, Ransom.exx, or RansomExx) is a ransomware tool that has been observed in attacks against US government

Read more
%d bloggers like this: