VMware

Security Advisories are the official notification of security-related vulnerabilities and issues impacting VMware products. Security Advisories outline complete information on how to protect impacted systems. Each advisory contains a detailed description of the security vulnerability, affected systems, threat severity, risk mitigation techniques for fixing the vulnerability and securing the system.

VMware Security Advisories

May 3, 2012 VMSA-2012-0009.1

VMSA-2012-0009.1

VMware Workstation, Player, ESXi and ESX patches address critical security issues

[more]

April 26, 2012 VMSA-2012-0008

VMSA-2012-0008

VMware ESX updates to ESX Service Console

[more]

April 12, 2012 VMSA-2012-0007

VMSA-2012-0007

VMware hosted products and ESXi/ESX patches address privilege escalation

[more]

March 29, 2012 VMSA-2012-0006.1

VMSA-2012-0006.1

VMware ESXi and ESX address several security issues

[more]

March 15, 2012 VMSA-2012-0005

VMSA-2012-0005

VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues

[more]

March 15, 2012 VMSA-2012-0004

VMSA-2012-0004

VMware View privilege escalation and cross-site scripting

[more]

March 8, 2012 VMSA-2012-0003

VMSA-2012-0003

VMware VirtualCenter Update and ESX 3.5 patch update JRE

[more]

March 8, 2012 VMSA-2012-0002

VMSA-2012-0002

VMware vCenter Chargeback Manager Information Leak and Denial of Service

[more]

January 30, 2012 VMSA-2012-0001.2

VMSA-2012-0001.2

VMware ESXi and ESX updates to third party library and ESX Service Console

[more]

November 17, 2011 VMSA-2011-0014

VMSA-2011-0014

VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability

[more]

October 27, 2011 VMSA-2011-0013.3

VMSA-2011-0013.3

VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

[more]

October 12, 2011 VMSA-2011-0012.3

VMSA-2011-0012.3

VMware ESX third party updates for Service Console packages glibc and dhcp

[more]

October 4, 2011 VMSA-2011-0011

VMSA-2011-0011

VMware hosted products address remote code execution

[more]

July 28, 2011 VMSA-2011-0010.3

VMSA-2011-0010.3

VMware ESX third party updates for Service Console packages glibc and dhcp

[more]

June 2, 2011 VMSA-2011-0009.3

VMSA-2011-0009.3

VMware hosted product updates, ESX patches and VI Client update resolve multiple security issues

[more]

May 5, 2011 VMSA-2011-0008

VMSA-2011-0008

VMware vCenter Server and vSphere Client security vulnerabilities

[more]

April 28, 2011 VMSA-2011-0007

VMSA-2011-0007

VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console

[more]

March 29, 2011 VMSA-2011-0006.1

VMSA-2011-0006.1

VMware vmrun utility local privilege escalation

[more]

April 12, 2011 VMSA-2011-0005.3

VMSA-2011-0005.3

VMware vCenter Orchestrator and Alive Enterprise remote code execution vulnerability

[more]

March 7, 2011 VMSA-2011-0004.3

VMSA-2011-0004.3

VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.

[more]

February 10, 2011 VMSA-2011-0003.2

VMSA-2011-0003.2

Third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX

[more]

February 7, 2011 VMSA-2011-0002

VMSA-2011-0002

Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi

[more]

April 28, 2011 VMSA-2011-0001.3

VMSA-2011-0001.3

VMware ESX third party updates for Service Console packages glibc, sudo, and openldap

[more]

December 21, 2010 VMSA-2010-0020.1

VMSA-2010-0020.1

VMware ESXi 4.1 Update Installer SFCB Authentication Flaw

[more]

December 7, 2010 VMSA-2010-0019.3

VMSA-2010-0019.3

VMware ESX third party updates for Service Console

[more]

December 2, 2010 VMSA-2010-0018

VMSA-2010-0018

VMware hosted products and ESX patches resolve multiple security issues

[more]

November 29, 2010 VMSA-2010-0017.1

VMSA-2010-0017.1

VMware ESX third party update for Service Console kernel

[more]

November 16, 2010 VMSA-2010-0016.1

VMSA-2010-0016.1

VMware ESXi and ESX third party updates for Service Console and Likewise components

[more]

September 30, 2010 VMSA-2010-0015.1

VMSA-2010-0015.1

VMware ESX third party updates for Service Console

[more]

September 24, 2010 VMSA-2010-0014.1

VMSA-2010-0014.1

VMware Workstation, Player, and ACE address several security issues.

[more]

August 31, 2010 VMSA-2010-0013.3

VMSA-2010-0013.3

VMware ESX third party updates for Service Console

[more]

June 19, 2010 VMSA-2010-0012.2

VMSA-2010-0012.2

VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities

[more]

July 12, 2010 VMSA-2010-0011

VMSA-2010-0011

VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0.

[more]

June 24, 2010 VMSA-2010-0010

VMSA-2010-0010

ESX 3.5 third party update for Service Console kernel

[more]

May 27, 2010 VMSA-2010-0009.2

VMSA-2010-0009.2

ESXi utilities and ESX Service Console third party updates

[more]

May 5, 2010 VMSA-2010-0008

VMSA-2010-0008

VMware View 3.1.3 addresses an important cross-site scripting vulnerability

[more]

April 9, 2010 VMSA-2010-0007.1

VMSA-2010-0007.1

VMware hosted products, vCenter Server and ESX patches resolve multiple security issues

[more]

April 1, 2010 VMSA-2010-0006.1

VMSA-2010-0006.1

ESX Service Console updates for samba and acpid

[more]

March 29, 2010 VMSA-2010-0005

VMSA-2010-0005

VMware products address vulnerabilities in WebAccess

[more]

March 3, 2010 VMSA-2010-0004.5

VMSA-2010-0004.5

ESX Service Console and vMA third party updates

[more]

February 16, 2010 VMSA-2010-0003.1

VMSA-2010-0003.1

VMSA-2010-0003.1 ESX Service Console update for net-snmp

[more]

January 29, 2010 VMSA-2010-0002.4

VMSA-2010-0002.4

VMware vCenter update release addresses multiple security issues in Java JRE

[more]

January 8, 2010 VMSA-2010-0001.1

VMSA-2010-0001.1

ESX Service Console and vMA updates for nss and nspr

[more]

December 15, 2009 VMSA-2009-0017

VMSA-2009-0017

VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues

[more]

November 20, 2009 VMSA-2009-0016.6

VMSA-2009-0016.6

VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.

[more]

October 27, 2009 VMSA-2009-0015

VMSA-2009-0015

VMware hosted products and ESX patches resolve two security issues

[more]

October 16, 2009 VMSA-2009-0014.3

VMSA-2009-0014.3

VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues

[more]

October 1, 2009 VMSA-2009-0013

VMSA-2009-0013

VMware Fusion resolves two security issues

[more]

September 4, 2009 VMSA-2009-0012

VMSA-2009-0012

VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.

[more]

August 31, 2009 VMSA-2009-0011

VMSA-2009-0011

VMware Studio 2.0 addresses a security issue in the public beta version of Studio 2.0

[more]

August 29, 2009 VMSA-2009-0010.1

VMSA-2009-0010.1

VMware Hosted products update libpng and Apache HTTP Server

[more]

July 10, 2009 VMSA-2009-0009

VMSA-2009-0009

ESX Service Console updates for udev, sudo, and curl

[more]

June 30, 2009 VMSA-2009-0008.2

VMSA-2009-0008.2

ESX Service Console update for krb5

[more]

May 28, 2009 VMSA-2009-0007

VMSA-2009-0007

VMware Hosted products and ESX and ESXi patches resolve security issues

[more]

April 10, 2009 VMSA-2009-0006

VMSA-2009-0006

VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability

[more]

April 3, 2009 VMSA-2009-0005

VMSA-2009-0005

VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues

[more]

March 31, 2009 VMSA-2009-0004.3

VMSA-2009-0004.3

ESX Service Console updates for openssl, bind, and vim

[more]

February 26, 2009 VMSA-2009-0003

VMSA-2009-0003

ESX 2.5.5 patch 12 updates service console packaged

[more]

February 23, 2009 VMSA-2009-0002.2

VMSA-2009-0002.2

Updated VMware VirtualCenter Update 4 and ESX patch update Tomcat packages.

[more]

January 30, 2009 VMSA-2009-0001.1

VMSA-2009-0001.1

ESX patches address an issue loading corrupt virtual disks and update Service Console packages

[more]

December 3, 2008 VMSA-2008-0019.1

VMSA-2008-0019.1

VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2

[more]

November 6, 2008 VMSA-2008-0018

VMSA-2008-0018

VMware Hosted products and patches for ESX and ESXi resolve two security issues

[more]

October 31, 2008 VMSA-2008-0017.2

VMSA-2008-0017.2

Updated ESX packages for libxml2, ucd-snmp, libtiff

[more]

October 3, 2008 VMSA-2008-0016.3

VMSA-2008-0016.3

VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues

[more]

September 18, 2008 VMSA-2008-0015

VMSA-2008-0015

Updated ESXi and ESX 3.5 packages address critical security issue in openwsman

[more]

September 2, 2008 VMSA-2008-0014.3

VMSA-2008-0014.3

Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX, VMware VCB address information disclosure, privilege escalation and other security issues.

[more]

August 12, 2008 VMSA-2008-0013.4

VMSA-2008-0013.4

Updated ESX packages for OpenSSL, net-snmp, perl

[more]

August 12, 2008 VMSA-2008-0012

VMSA-2008-0012

Updated VirtualCenter addresses User Account Disclosure Vulnerability

[more]

July 28, 2008 VMSA-2008-0011.3

VMSA-2008-0011.3

Updated ESX service console packages for Samba and vmnix

[more]

June 16, 2008 VMSA-2008-0010.3

VMSA-2008-0010.3

Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter

[more]

June 4, 2008 VMSA-2008-0009.2

VMSA-2008-0009.2

Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues

[more]

May 30, 2008 VMSA-2008-0008

VMSA-2008-0008

Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues

[more]

April 16, 2008 VMSA-2008-0007.2

VMSA-2008-0007.2

Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus

[more]

March 28, 2008 VMSA-2008-0006.1

VMSA-2008-0006.1

Updated libxml2 service console package

[more]

March 17, 2008 VMSA-2008-0005.1

VMSA-2008-0005.1

Several critical security vulnerabilities have been addressed in the newest releases of VMware's hosted product line

[more]

March 3, 2008 VMSA-2008-0004.1

VMSA-2008-0004.1

Updated e2fsprogs service console package

[more]

February 4, 2008 VMSA-2008-0003.1

VMSA-2008-0003.1

Updated aacraid driver and Samba and Python service console updates

[more]

January 7, 2008 VMSA-2008-0002.1

VMSA-2008-0002.1

Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1.

[more]

January 7, 2008 VMSA-2008-0001

VMSA-2008-0001

Updated service console patches.

[more]

September 18, 2007 VMSA-2007-0006

VMSA-2007-0006

Updated versions of all supported hosted products and all ESX 2x products and patches for ESX 30x address critical security updates. Service Console security updates for samba, bind, krb5, vixie-cron, shadow-utils, openldap, pam, gcc, and gdb packages.

[more]

July 5, 2007 VMSA-2007-0005

VMSA-2007-0005

Updated Service Console packages (XFree86, UP and SMP kernels, Kerberos libraries) resolve security issues.

[more]

Sign Up for Email Alerts


Enter your email address: