VMware Security Advisory 2018-0002.1 - VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.
963ccf51b4549886833cc22006ffc81cb09d33e8bbc3e81de60d3044de7c9355
VMware Security Advisory 2018-0004 - VMware vSphere, Workstation and Fusion updates add Hypervisor-Assisted Guest remediation for speculative execution issue.
c6d2e4b063e3ab3f5a8f434842d6b1780e505c1685915b84e2d41b8aa6dce9d1
VMware Security Advisory 2018-0003 - vRealize Operations for Horizon, vRealize Operations for Published Applications, Workstation, Horizon View Client and Tools updates resolve multiple security vulnerabilities.
eda449e04f34f16fda9cbfb8f4f7d2b670283db5ad64c5df8ed4051df5360faa
VMware Security Advisory 2016-0023 - VMware ESXi updates address a cross-site scripting issue. 2. Relevant Releases VMware vSphere Hypervisor (ESXi) 3. Problem Description a. Host Client stored cross-site scripting issue The ESXi Host Client contains a vulnerability that may allow for stored cross-site scripting (XSS). The issue can be introduced by an attacker that has permission to manage virtual machines through ESXi Host Client or by tricking the vSphere administrator to import a specially crafted VM. The issue may be triggered on the system from where ESXi Host Client is used to manage the specially crafted VM.
4c819b33c2e8f92eb95137137e7547a0258f115eb484d7b9c5ca8497fbf5ff13
VMware Security Advisory 2016-0022 - VMware vCenter Server, vSphere Client, and vRealize Automation updates address information disclosure vulnerabilities.
2eb92731937c7a5f68f3b95bc7e5f57ed0efd31f7f258f98f7bf28685a4a7363
VMware Security Advisory 2016-0021 - VMware product updates address partial information disclosure vulnerability.
d9372685bd6c303cf6ae449efe2efe58514a7dbbadea4f0e2ab2d3978136abf0
VMware Security Advisory 2016-0020 - vRealize Operations REST API deserialization vulnerability vRealize Operations contains a deserialization vulnerability in its REST API implementation. This issue may result in a Denial of Service as it allows for writing of files with arbitrary content and moving existing files into certain folders. The name format of the destination files is predefined and their names cannot be chosen. Overwriting files is not feasible.
29c0a098ffb0c7b27ec0d4610115a63c7d8a7f0037d9c4fba88d83dcb2ddd668
VMware Security Advisory 2016-0019 - VMware Workstation and Fusion updates address a critical out-of-bounds memory access vulnerability.
4dcb01dc71f4c3ef8e79650ea56bdb93fd311f72d9cedc07f0802b1354a0cfbd
VMware Security Advisory 2016-0017 - VMware product updates address information disclosure issues in VMware Fusion and VMware Tools running on Mac OS X.
82f0e1af00fb6e2af214a5e6c766e4e7e88cf51a23089d7017258dbcdc5e27c0
VMware Security Advisory 2016-0016 - vRealize Operations (vROps) updates address privilege escalation vulnerability.
5915d300c8e1866b0876811067bb4b472df255f41cda6a8833d41d56bd18bbcc
VMware Security Advisory 2016-0015 - VMware Horizon View contains a vulnerability that may allow for a directory traversal on the Horizon View Connection Server. Exploitation of this issue may lead to a partial information disclosure.
ac49834a2e6c712c7db1b5823114845156859551a728ab6b6fe890875a1d42ec
VMware Security Advisory 2016-0013 - VMware Identity Manager and vRealize Automation updates address multiple security issues.
10ce356485ee77b9cf3bc4ec235b364612bdc4d6ed152da245e7a1e17db10900
VMware Security Advisory 2016-0011 - vRealize Log Insight contains a vulnerability that may allow for a directory traversal attack. Exploitation of this issue may lead to a partial information disclosure. There are no known workarounds for this issue.
b45b5de8dca28391380d0aa9cee3799a1de998079808cf20c36f2871ff683764
VMware Security Advisory 2016-0009 - VMware vCenter Server updates address an important reflective cross-site scripting issue.
812f5a6cf20427ee2f1f7b8d87d372758a2c33718f894cbf39735e6aa71fbbfb
VMware Security Advisory 2016-0004 - VMware vCenter Server, vCloud Director (vCD), vRealize Automation (vRA) Identity Appliance, and the Client Integration Plugin (CIP) updates address a critical security issue.
bd56155a16a9898620437b43f01ad1f323acba62d3f1fc3b322b4be0caad980b
VMware Security Advisory 2016-0003 - VMware vRealize Automation and vRealize Business Advanced and Enterprise address Cross-Site Scripting (XSS) issues.
2fefa633da6b4b9138dead147e57d9961bfc2750af2d0e07f94cefdff74a220e
VMware Security Advisory 2015-0008 - VMware product updates address information disclosure issue.
1c1a650290da77afa5cfb03bf88b3028205f532ac7c23a35fb455c034ad606fa
VMware Security Advisory 2015-0005 - VMware Workstation, Player, and Horizon View Client for Windows updates address a host privilege escalation vulnerability.
59a3124a6a1edf44fcbd19fea4a8569a864b53e76d75f7d23cf7672bccf89777
VMware Security Advisory 2015-0004 - VMware Workstation, Fusion and Horizon View Client updates address critical security issues.
3bbc42ddc83cb7369651a0d279f93ac38004090680d2c4d23db0f3d8c7f2a690
VMware Security Advisory 2015-0003 - VMware product updates address critical information disclosure issue in JRE.
d2cac7510a812a9e5ad6ab1a17ebdd42a6cf219288ba22d4633ff0e2ce1f85e4
VMware Security Advisory 2015-0002 - VMware vSphere Data Protection product update addresses a certificate validation vulnerability.
0531aeee8d20e6e4def483d5bc261726b7dc432377407392d954630e1a91fddd
VMware Security Advisory 2015-0001 - VMware vCenter Server, ESXi, Workstation, Player and Fusion address several security issues.
55fa1873d70654ee0597f3da9f1f88c2593c4ac47e45f3deaf0add63c4c2cd33
VMware Security Advisory 2014-0014 - AirWatch by VMware product update addresses information disclosure vulnerabilities.
87c695e22649e611682b410ebade0303433c3cdb027c057bec2c666827ae99b0
VMware Security Advisory 2014-0013 - VMware vCloud Automation Center (vCAC) product updates address a critical vulnerability in the vCAC VMware Remote Console (VMRC) function which could lead to a remote privilege escalation.
b1ca89f95858f9abffae98c547dee2717d5aa61ceb8da0ff0eede2fde46855bc
VMware Security Advisory 2014-0012 - VMware vSphere product updates address a Cross Site Scripting issue, a certificate validation issue and security vulnerabilities in third-party libraries.
7ae55e0d099a866f9060eaf2dd855d5f0aec675081fb0bc4925cd992333a41a6