Los recomendaciones de seguridad de VMware contienen información sobre corrección de problemas para las vulnerabilidades de seguridad detectadas en los productos de VMware.
Regístrese en el cuadro de la derecha de esta página para recibir recomendaciones nuevas y actualizadas en su correo electrónico.
November 12, 2019
VMSA-2019-0021VMware Workstation and Fusion updates address multiple security vulnerabilities (CVE-2019-5540, CVE-2019-5541, CVE-2019-5542)
November 12, 2019
VMSA-2019-0020VMware ESXi, Workstation, and Fusion patches provide Hypervisor-Specific Mitigations for Speculative-Execution Vulnerabilities (CVE-2018-12207, CVE-2019-11135)
October 24, 2019
VMSA-2019-0019VMware ESXi, Workstation and Fusion updates address a denial-of-service vulnerability (CVE-2019-5536)
October 24, 2019
VMSA-2019-0018VMware vCenter Server Appliance updates address sensitive information disclosure vulnerability in backup and restore functions (CVE-2019-5537, CVE-2019-5538)
October 16, 2019
VMSA-2019-0017VMware SD-WAN by VeloCloud update addresses information disclosure vulnerability (CVE-2019-5533)
October 15, 2019
VMSA-2019-0016VMware Cloud Foundation and VMware Harbor Container Registry for PCF address broken access control vulnerability (CVE-2019-16919)
September 24, 2019
VMSA-2019-0015VMware Cloud Foundation and VMware Harbor Container Registry for PCF address remote escalation of privilege vulnerability (CVE-2019-16097)
September 19, 2019
VMSA-2019-0014.1VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities. (CVE-2019-5527, CVE-2019-5535)
September 16, 2019
VMSA-2019-0013.1VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. (CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534)
August 02, 2019
VMSA-2019-0012VMware ESXi, Workstation and Fusion updates address out-of-bounds read/write vulnerabilities (CVE-2019-5521, CVE-2019-5684)
July 09, 2019
VMSA-2019-0011.1ESXi patches address partial denial of service vulnerability in hostd process (CVE-2019-5528)
July 02, 2019
VMSA-2019-0010.3VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK) (CVE-2019-11477, CVE-2019-11478)
June 06, 2019
VMSA-2019-0009VMware Tools and Workstation updates address out of bounds read and use-after-free vulnerabilities. (CVE-2019-5522, CVE-2019-5525)
May 14, 2019
VMSA-2019-0008.2VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)
May 14, 2019
VMSA-2019-0007VMware Workstation update addresses a DLL-hijacking issue (CVE-2019-5526)
April 11, 2019
VMSA-2019-0006VMware ESXi, Workstation and Fusion updates address multiple out-of-bounds read vulnerabilities
March 28, 2019
VMSA-2019-0005.1VMware ESXi, Workstation and Fusion updates address multiple security issues.
March 28, 2019
VMSA-2019-0004VMware vCloud Director for Service Providers update resolves a Remote Session Hijack vulnerability
March 14, 2019
VMSA-2019-0003VMware Horizon update addresses Connection Server information disclosure vulnerability.
February 15, 2019
VMSA-2019-0001.3VMware product updates resolve mishandled file descriptor vulnerability in runc container runtime.
December 18, 2018
VMSA-2018-0031vRealize Operations updates address a local privilege escalation vulnerability
November 22, 2018
VMSA-2018-0030VMware Workstation and Fusion updates address an integer overflow issue.
November 20, 2018
VMSA-2018-0029vSphere Data Protection (VDP) updates address multiple security issues.
November 13, 2018
VMSA-2018-0028VMware vRealize Log Insight updates address an authorization bypass vulnerability
November 09, 2018
VMSA-2018-0027VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage
October 16, 2018
VMSA-2018-0026VMware ESXi, Workstation, and Fusion updates address an out-of-bounds read vulnerability
October 09, 2018
VMSA-2018-0025VMware ESXi, Workstation, and Fusion workarounds address a denial-of-service vulnerability
October 04, 2018
VMSA-2018-0024.1VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) update resolves SAML authentication bypass vulnerability
September 05, 2018
VMSA-2018-0023AirWatch Agent and VMware Content Locker updates resolve data protection vulnerabilities
August 14, 2018
VMSA-2018-0022VMware Workstation and Fusion updates address an out-of-bounds write issue
August 14, 2018
VMSA-2018-0021.2Operating System-Specific Mitigations address L1 Terminal Fault - OS vulnerability in VMware Virtual Appliances.
August 14, 2018
VMSA-2018-0020VMware vSphere, Workstation, and Fusion updates enable Hypervisor-Specific Mitigations for L1 Terminal Fault - VMM vulnerability.
August 07, 2018
VMSA-2018-0019.1Horizon 6, 7, and Horizon Client for Windows updates address an out-of-bounds read vulnerability
July 19, 2018
VMSA-2018-0018VMware Horizon View Agent, VMware ESXi, Workstation, and Fusion updates resolve multiple security issues
June 28, 2018
VMSA-2018-0016VMware ESXi, Workstation, and Fusion updates address multiple out-of-bounds read vulnerabilities
June 11, 2018
VMSA-2018-0015.1VMware AirWatch Agent updates resolve remote code execution vulnerability.
May 29, 2018
VMSA-2018-0014VMware Horizon Client update addresses a privilege escalation vulnerability
May 22, 2018
VMSA-2018-0012.1VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue.
May 21, 2018
VMSA-2018-0013VMware Workstation and Fusion updates address signature bypass and multiple denial-of-service vulnerabilities
May 15, 2018
VMSA-2018-0011.1Unauthenticated Command Injection vulnerability in VMware SD-WAN by VeloCloud
March 15, 2018
VMSA-2018-0008Workstation and Fusion updates address a denial-of-service vulnerability
February 07, 2018
VMSA-2018-0007.6VMware Virtual Appliance updates address side-channel analysis due to speculative execution
January 26, 2018
VMSA-2018-0006vRealize Automation, vSphere Integrated Containers, and AirWatch Console updates address multiple security vulnerabilities
January 10, 2018
VMSA-2018-0005VMware Workstation, and Fusion updates resolve use-after-free and integer-overflow vulnerabilities
January 09, 2018
VMSA-2018-0004.3VMware vSphere, Workstation and Fusion updates add Hypervisor-Assisted Guest Remediation for speculative execution issue
January 04, 2018
VMSA-2018-0003vRealize Operations for Horizon, vRealize Operations for Published Applications, Workstation, Horizon View Client and Tools updates resolve multiple security vulnerabilities
January 03, 2018
VMSA-2018-0002.3VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.
January 02, 2018
VMSA-2018-0001vSphere Data Protection (VDP) updates address multiple security issues.
December 19, 2017
VMSA-2017-0021VMware ESXi, vCenter Server Appliance, Workstation and Fusion updates address multiple security vulnerabilities
December 12, 2017
VMSA-2017-0020VMware AirWatch Console updates address Broken Access Control vulnerability.
November 17, 2017
VMSA-2017-0019NSX for vSphere update addresses NSX Edge Cross-Site Scripting (XSS) issue.
November 16, 2017
VMSA-2017-0018.1VMware Workstation, Fusion and Horizon View Client updates resolve multiple security vulnerabilities
November 10, 2017
VMSA-2017-0017VMware vCenter Server update resolves LDAP DoS, SSRF and CRLF injection issues
November 09, 2017
VMSA-2017-0016VMware AirWatch Console and Launcher for Android updates resolve multiple vulnerabilities.
September 14, 2017
VMSA-2017-0015.2VMware ESXi, vCenter Server, Fusion and Workstation updates resolve multiple security vulnerabilities
July 27, 2017
VMSA-2017-0013VMware vCenter Server and Tools updates resolve multiple security vulnerabilities
June 06, 2017
VMSA-2017-0010vSphere Data Protection (VDP) updates address multiple security issues.
April 18, 2017
VMSA-2017-0008.2VMware Unified Access Gateway, Horizon View and Workstation updates resolve multiple security vulnerabilities
April 13, 2017
VMSA-2017-0007VMware vCenter Server updates resolve a remote code execution vulnerability via BlazeDS
March 28, 2017
VMSA-2017-0006VMware ESXi, Workstation and Fusion updates address critical and moderate security issues
March 14, 2017
VMSA-2017-0005VMware Workstation and Fusion updates address out-of-bounds memory access vulnerability
March 13, 2017
VMSA-2017-0004.7VMware product updates resolve remote code execution vulnerability via Apache Struts 2
January 30, 2017
VMSA-2017-0001AirWatch updates address bypass of root detection and local container encryption
December 20, 2016
VMSA-2016-0024.1vSphere Data Protection (VDP) update addresses SSH key-based authentication issue
November 22, 2016
VMSA-2016-0022VMware product updates address information disclosure vulnerabilities
November 22, 2016
VMSA-2016-0021VMware product updates address partial information disclosure vulnerability
November 15, 2016
VMSA-2016-0020vRealize Operations update addresses REST API deserialization vulnerability
November 13, 2016
VMSA-2016-0019VMware Workstation and Fusion updates address critical out-of-bounds memory access vulnerability
November 09, 2016
VMSA-2016-0018.3VMware product updates address local privilege escalation vulnerability in Linux kernel
October 25, 2016
VMSA-2016-0017VMware product updates address multiple information disclosure issues
October 11, 2016
VMSA-2016-0016.1vRealize Operations (vROps) updates address privilege escalation vulnerability
October 06, 2016
VMSA-2016-0015VMware Horizon View updates address directory traversal vulnerability
September 13, 2016
VMSA-2016-0014.1VMware ESXi, Workstation, Fusion, and Tools updates address multiple security issues
August 23, 2016
VMSA-2016-0013VMware Identity Manager and vRealize Automation updates address multiple security issues
August 12, 2016
VMSA-2016-0011vRealize Log Insight update addresses directory traversal vulnerability
June 14, 2016
VMSA-2016-0009VMware vCenter Server updates address an important reflected cross-site scripting issue
June 09, 2016
VMSA-2016-0008VMware vRealize Log Insight addresses important and moderate security issues
June 09, 2016
VMSA-2016-0007.2VMware NSX and vCNS product updates address a critical information disclosure vulnerability
May 24, 2016
VMSA-2016-0006VMware vCenter Server updates address an important cross-site scripting issue
April 14, 2016
VMSA-2016-0004VMware product updates address a critical security issue in the VMware Client Integration Plugin
March 15, 2016
VMSA-2016-0003VMware vRealize Automation and vRealize Business Advanced and Enterprise address Cross-Site Scripting (XSS) issues.
February 22, 2016
VMSA-2016-0002.1VMware product updates address a critical glibc security vulnerability.
January 07, 2016
VMSA-2016-0001VMware ESXi, Fusion, Player, and Workstation updates address important guest privilege escalation vulnerability
December 18, 2015
VMSA-2015-0009.5VMware vCenter Server updates address an important reflected cross-site scripting issue
September 30, 2015
VMSA-2015-0007.7VMware vCenter and ESXi updates address critical security issues.
September 16, 2015
VMSA-2015-0006.1VMware vCenter Server updates address a LDAP certificate validation issue
July 09, 2015
VMSA-2015-0005VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability
June 09, 2015
VMSA-2015-0004VMware Workstation, Fusion and Horizon View Client updates address critical security issues
April 02, 2015
VMSA-2015-0003.14VMware product updates address critical information disclosure issue in JRE.
January 29, 2015
VMSA-2015-0002VMware vSphere Data Protection product update addresses a certificate validation vulnerability.
January 27, 2015
VMSA-2015-0001.2VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues
December 10, 2014
VMSA-2014-0014AirWatch by VMware product update addresses information disclosure vulnerabilities
December 09, 2014
VMSA-2014-0013VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability
October 22, 2014
VMSA-2014-0011VMware vSphere Data Protection product update addresses a critical information disclosure vulnerability.
September 30, 2014
VMSA-2014-0010.13VMware product updates address critical Bash security vulnerabilities
September 11, 2014
VMSA-2014-0009VMware NSX and vCNS product updates address a critical information disclosure vulnerability.
June 24, 2014
VMSA-2014-0007.2VMware product updates address security vulnerabilities in Apache Struts library
May 29, 2014
VMSA-2014-0005VMware Workstation, Player, Fusion, and ESXi patches address a guest privilege escalation
January 16, 2014
VMSA-2014-0001VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues
December 22, 2013
VMSA-2013-0016VMware ESXi and ESX unauthorized file access through vCenter Server and ESX
December 03, 2013
VMSA-2013-0014VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation
February 21, 2013
VMSA-2013-0003VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues.
February 07, 2013
VMSA-2013-0002.1VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability
January 31, 2013
VMSA-2013-0001.5VMware vSphere security updates for the authentication service and third party libraries
October 04, 2012
VMSA-2012-0014VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates
June 14, 2012
VMSA-2012-0011VMware hosted products and ESXi and ESX patches address security issues
May 03, 2012
VMSA-2012-0009.2VMware Workstation, Player, ESXi and ESX patches address critical security issues
April 12, 2012
VMSA-2012-0007.1VMware hosted products and ESXi/ESX patches address privilege escalation
March 15, 2012
VMSA-2012-0005.4VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues
March 08, 2012
VMSA-2012-0002VMware vCenter Chargeback Manager Information Leak and Denial of Service
January 30, 2012
VMSA-2012-0001.2VMware ESXi and ESX updates to third party library and ESX Service Console
November 17, 2011
VMSA-2011-0014VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability
October 27, 2011
VMSA-2011-0013.3VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
October 12, 2011
VMSA-2011-0012.3VMware ESXi and ESX updates to third party libraries and ESX Service Console
October 04, 2011
VMSA-2011-0011Hosted product updates address a remote code execution vulnerability in the way UDF file systems are handled
July 28, 2011
VMSA-2011-0010.3VMware ESX third party updates for Service Console packages glibc and dhcp
June 02, 2011
VMSA-2011-0009.3VMware hosted product updates, ESX patches and VI Client update resolve multiple security issue
April 28, 2011
VMSA-2011-0007VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
March 14, 2011
VMSA-2011-0005.3VMware vCenter Orchestrator and Alive Enterprise remote code execution vulnerability
March 07, 2011
VMSA-2011-0004.3VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.
February 07, 2011
VMSA-2011-0003.2Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi
February 07, 2011
VMSA-2011-0002Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi
January 04, 2011
VMSA-2011-0001.3VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
December 02, 2010
VMSA-2010-0018VMware hosted products and ESX patches resolve multiple security issues
November 15, 2010
VMSA-2010-0016.1VMware ESXi and ESX third party updates for Service Console and Likewise components
September 23, 2010
VMSA-2010-0014.1VMware Workstation, Player, and ACE address several security issues.
July 19, 2010
VMSA-2010-0012.2VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities
July 13, 2010
VMSA-2010-0011VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0.
May 05, 2010
VMSA-2010-0008VMware View 3.1.3 addresses an important cross-site scripting vulnerability
April 09, 2010
VMSA-2010-0007.1VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
January 29, 2010
VMSA-2010-0002.4VMware vCenter update release addresses multiple security issues in Java JRE
December 15, 2009
VMSA-2009-0017VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues
November 20, 2009
VMSA-2009-0016.6VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components
October 16, 2009
VMSA-2009-0014.3VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
September 18, 2009
VMSA-2008-0015Updated ESXi and ESX 3.5 packages address critical security issue in openwsman
September 04, 2009
VMSA-2009-0012VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.
August 31, 2009
VMSA-2009-0011VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0
April 10, 2009
VMSA-2009-0006VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability
April 03, 2009
VMSA-2009-0005VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues
February 23, 2009
VMSA-2009-0002.2VirtualCenter Update 4 and ESX patch update Tomcat to version 5.5.27
January 30, 2009
VMSA-2009-0001.1ESX patches address an issue loading corrupt virtual disks and update Service Console packages
December 08, 2008
VMSA-2008-0012Updated VirtualCenter addresses User Account Disclosure Vulnerability
December 02, 2008
VMSA-2008-0019.1VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2
November 06, 2008
VMSA-2008-0018VMware Hosted products and patches for ESX and ESXi resolve two security issues
October 03, 2008
VMSA-2008-0016.3VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues
August 29, 2008
VMSA-2008-0014.3Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX, VMware VCB address information disclosure, privilege escalation and other security issues.
June 16, 2008
VMSA-2008-0010.3Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter
June 04, 2008
VMSA-2008-0009.2Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
May 30, 2008
VMSA-2008-0008Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues
April 15, 2008
VMSA-2008-0007.2Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus
March 17, 2008
VMSA-2008-0005.1Several critical security vulnerabilities have been addressed in the newest releases of VMware's hosted product line
February 04, 2008
VMSA-2008-0003.1Updated aacraid driver and Samba and Python service console updates
January 07, 2008
VMSA-2008-0002.1Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1.
September 18, 2007
VMSA-2007-0006Updated versions of all supported hosted products and all ESX 2x products and patches for ESX 30x address critical security updates. Service Console security updates for samba, bind, krb5, vixie-cron, shadow-utils, openldap, pam, gcc, and gdb packages.
July 05, 2007
VMSA-2007-0005Updated Service Console packages (XFree86, UP and SMP kernels, Kerberos libraries) resolve security issues.