Recomendaciones de seguridad de VMware
Los recomendaciones de seguridad de VMware contienen información sobre corrección de problemas para las vulnerabilidades de seguridad detectadas en los productos de VMware.
Regístrese en el cuadro de la derecha de esta página para recibir recomendaciones nuevas y actualizadas en su correo electrónico.
November 15, 2023
VMSA-2023-0026.1VMware Cloud Director Appliance contains an authentication bypass vulnerability (CVE-2023-34060).
October 31, 2023
VMSA-2023-0025VMware Workspace ONE UEM console updates address an open redirect vulnerability (CVE-2023-20886)
October 26, 2023
VMSA-2023-0024VMware Tools updates address Local Privilege Escalation and SAML Token Signature Bypass vulnerabilities (CVE-2023-34057, CVE-2023-34058)
October 25, 2023
VMSA-2023-0023VMware vCenter Server updates address out-of-bounds write and information disclosure vulnerabilities
October 20, 2023
VMSA-2023-0022VMware Fusion and Workstation updates address privilege escalation and information disclosure vulnerabilities
October 19, 2023
VMSA-2023-0021VMware Aria Operations for Logs updates address multiple vulnerabilities. (CVE-2023-34051, CVE-2023-34052)
September 26, 2023
VMSA-2023-0020VMware Aria Operations updates address local privilege escalation vulnerability. (CVE-2023-34043)
August 31, 2023
VMSA-2023-0019.1VMware Tools updates address a SAML Token Signature Bypass Vulnerability (CVE-2023-20900)
August 30, 2023
VMSA-2023-0018VMware Aria Operations for Networks updates address multiple vulnerabilities. (CVE-2023-34039, CVE-2023-20890)
August 03, 2023
VMSA-2023-0017VMware Horizon Server updates address multiple security vulnerabilities (CVE-2023-34037, CVE-2023-34038)
July 25, 2023
VMSA-2023-0016VMware Tanzu application services for VMs and Isolation segment updates address information disclosure vulnerability
July 06, 2023
VMSA-2023-0015VMware SD-WAN update addresses a bypass authentication vulnerability (CVE-2023-20899)
June 22, 2023
VMSA-2023-0014VMware vCenter Server updates address multiple memory corruption vulnerabilities (CVE-2023-20892, CVE-2023-20893, CVE-2023-20894, CVE-2023-20895, CVE-2023-20896)
June 06, 2023
VMSA-2023-0012.2VMware Aria Operations for Networks updates address multiple vulnerabilities. (CVE-2023-20887, CVE-2023-20888, CVE-2023-20889)
May 30, 2023
VMSA-2023-0011VMware Workspace ONE Access and Identity Manager update addresses an Insecure Redirect Vulnerability (CVE-2023-20884)
May 23, 2023
VMSA-2023-0010NSX-T update addresses cross-site scripting vulnerability (CVE-2023-20868)
May 11, 2023
VMSA-2023-0009VMware Aria Operations update addresses multiple Local Privilege Escalations and a Deserialization issue (CVE-2023-20877, CVE-2023-20878, CVE-2023-20879, CVE-2023-20880)
April 25, 2023
VMSA-2023-0008VMware Workstation and Fusion updates address multiple security vulnerabilities (CVE-2023-20869, CVE-2023-20870, CVE-2023-20871, CVE-2023-20872)
April 20, 2023
VMSA-2023-0007VMware Aria Operations for Logs (Operations for Logs) update addresses multiple vulnerabilities. (CVE-20864, CVE-20865)
February 28, 2023
VMSA-2023-0006VMware Workspace ONE Content update addresses a passcode bypass vulnerability (CVE-2023-20857)
February 21, 2023
VMSA-2023-0005VMware vRealize Orchestrator update addresses an XML External Entity (XXE) vulnerability (CVE-2023-20855)
February 21, 2023
VMSA-2023-0004VMware Carbon Black App Control updates address an injection vulnerability (CVE-2023-20858)
February 02, 2023
VMSA-2023-0003VMware Workstation update addresses an arbitrary file deletion vulnerability (CVE-2023-20854)
January 31, 2023
VMSA-2023-0002VMware vRealize Operations (vROps) update addresses a CSRF bypass vulnerability (CVE-2023-20856)
December 15, 2022
VMSA-2022-0034VMware vRealize Operations (vROps) updates address privilege escalation vulnerabilities (CVE-2022-31707, CVE-2022-31708)
December 13, 2022
VMSA-2022-0033VMware ESXi, Workstation, and Fusion updates address a heap out-of-bounds write vulnerability (CVE-2022-31705)
December 13, 2022
VMSA-2022-0032VMware Workspace ONE Access and Identity Manager updates address multiple vulnerabilities (CVE-2022-31700, CVE-2022-31701).
December 13, 2022
VMSA-2022-0031VMware vRealize Network Insight (vRNI) updates address command injection and directory traversal security vulnerabilities (CVE-2022-31702, CVE-2022-31703)
December 08, 2022
VMSA-2022-0030VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2022-31696, CVE-2022-31697, CVE-2022-31698, CVE-2022-31699)
November 29, 2022
VMSA-2022-0029VMware Tools for Windows update addresses a denial-of-service vulnerability (CVE-2021-31693)
November 08, 2022
VMSA-2022-0028VMware Workspace ONE Assist update addresses multiple vulnerabilities. (CVE-2022-31685, CVE-2022-31686, CVE-2022-31687, CVE-2022-31688, CVE-2022-31689)
October 06, 2022
VMSA-2022-0025VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2022-31680, CVE-2022-31681)
August 23, 2022
VMSA-2022-0024.1VMware Tools update addresses a local privilege escalation vulnerability (CVE-2022-31676)
August 09, 2022
VMSA-2022-0023VMware Workstation update addresses an Unprotected Storage of Credentials vulnerability (CVE-2022-22983)
August 02, 2022
VMSA-2022-0021.1VMware Workspace ONE Access, Access Connector, Identity Manager, Identity Manager Connector and vRealize Automation updates address multiple vulnerabilities.
July 12, 2022
VMSA-2022-0020.2VMware ESXi addresses Return-Stack-Buffer-Underflow and Branch Type Confusion vulnerabilities
July 12, 2022
VMSA-2022-0018VMware vCenter Server updates address a server-side request forgery vulnerability (CVE-2022-22982)
June 15, 2022
VMSA-2022-0017VMware HCX update address an information disclosure vulnerability (CVE-2022-22953)
June 14, 2022
VMSA-2022-0016VMware ESXi addresses DirectPath I/O (PCI-Passthrough) Information Leak vulnerability (CVE-2022-21123, CVE-2022-21125, CVE-2022-21166)
May 24, 2022
VMSA-2022-0015VMware Tools for Windows update addresses an XML External Entity (XXE) vulnerability (CVE-2022-22977)
May 18, 2022
VMSA-2022-0014VMware Workspace ONE Access, Identity Manager and vRealize Automation updates address multiple vulnerabilities.
April 14, 2022
VMSA-2022-0013VMware Cloud Director update addresses remote code execution vulnerability (CVE-2022-22966)
April 06, 2022
VMSA-2022-0012.1VMware Horizon Agent for Linux update addresses multiple vulnerabilities (CVE-2022-22962, CVE-2022-22964)
April 06, 2022
VMSA-2022-0011VMware Workspace ONE Access, Identity Manager and vRealize Automation updates address multiple vulnerabilities.
April 02, 2022
VMSA-2022-0010.5VMware Response to Spring Framework Remote Code Execution Vulnerability, aka Spring4Shell (CVE-2022-22965)
March 29, 2022
VMSA-2022-0009.1VMware vCenter Server updates address an information disclosure vulnerability (CVE-2022-22948)
March 23, 2022
VMSA-2022-0008VMware Carbon Black App Control update addresses multiple vulnerabilities (CVE-2022-22951, CVE-2022-22952)
March 01, 2022
VMSA-2022-0007VMware Tools for Windows update addresses an uncontrolled search path vulnerability (CVE-2022-22943)
February 23, 2022
VMSA-2022-0006VMware Workspace ONE Boxer update addresses a stored cross-site scripting (XSS) vulnerability (CVE-2022-22944)
February 15, 2022
VMSA-2022-0005VMware NSX Edge update addresses CLI shell injection vulnerability (CVE-2022-22945)
February 15, 2022
VMSA-2022-0004VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2021-22040, CVE-2021-22041, CVE-2021-22042, CVE-2021-22043, CVE-2021-22050)
January 18, 2022
VMSA-2022-0002VMware Workstation and Horizon Client for Windows updates address a denial-of-service vulnerability (CVE-2022-22938)
January 04, 2022
VMSA-2022-0001.2VMware Workstation, Fusion and ESXi updates address a heap-overflow vulnerability (CVE-2021-22045)
December 18, 2021
VMSA-2021-0030VMware Workspace ONE Access, Identity Manager and vRealize Automation updates address multiple vulnerabilities (CVE-2021-22056, CVE-2021-22057)
December 16, 2021
VMSA-2021-0029VMware Workspace ONE UEM console patches address SSRF vulnerability (CVE-2021-22054)
November 23, 2021
VMSA-2021-0027.1VMware vCenter Server updates address arbitrary file read and SSRF vulnerabilities (CVE-2021-21980, CVE-2021-22049)
November 11, 2021
VMSA-2021-0026VMware Tanzu Application Service for VMs updates address a denial-of-service vulnerability (CVE-2021-22101)
November 10, 2021
VMSA-2021-0025.6VMware vCenter Server updates address a privilege escalation vulnerability (CVE-2021-22048)
October 12, 2021
VMSA-2021-0023.1VMware vRealize Orchestrator update addresses open redirect vulnerability (CVE-2021-22036)
October 12, 2021
VMSA-2021-0022VMware vRealize Log Insight updates address CSV injection vulnerability (CVE-2021-22035)
September 20, 2021
VMSA-2021-0020.1VMware vCenter Server updates address multiple security vulnerabilities
August 24, 2021
VMSA-2021-0019VMware vRealize Log Insight updates address Cross Site Scripting (XSS) vulnerability (CVE-2021-22021)
August 24, 2021
VMSA-2021-0018VMware vRealize Operations updates address multiple security vulnerabilities (CVE-2021-22022, CVE-2021-22023, CVE-2021-22024, CVE-2021-22025, CVE-2021-22026, CVE-2021-22027)
August 19, 2021
VMSA-2021-0017VMware Workspace ONE UEM console patches address a denial of service vulnerability (CVE-2021-22029)
August 05, 2021
VMSA-2021-0016VMware Workspace One Access, Identity Manager and vRealize Automation address multiple vulnerabilities (CVE-2021-22002, CVE-2021-22003)
July 13, 2021
VMSA-2021-0015VMware ThinApp update addresses a DLL hijacking vulnerability (CVE-2021-22000)
July 13, 2021
VMSA-2021-0014VMware ESXi updates address authentication and denial of service vulnerabilities (CVE-2021-21994, CVE-2021-21995)
June 22, 2021
VMSA-2021-0013VMware Tools, VMRC and VMware App Volumes update addresses a local privilege escalation vulnerability (CVE-2021-21999)
June 22, 2021
VMSA-2021-0012VMware Carbon Black App Control update addresses authentication bypass (CVE-2021-21998)
June 17, 2021
VMSA-2021-0011VMware Tools for Windows update addresses a denial-of-service vulnerability (CVE-2021-21997)
May 25, 2021
VMSA-2021-0010VMware vCenter Server updates address remote code execution and authentication vulnerabilities (CVE-2021-21985, CVE-2021-21986)
May 20, 2021
VMSA-2021-0009VMware Workstation and Horizon Client for Windows updates address multiple security vulnerabilities (CVE-2021-21987, CVE-2021-21988, CVE-2021-21989)
May 11, 2021
VMSA-2021-0008VMware Workspace ONE UEM console patches address a Cross-site scripting vulnerability (CVE-2021-21990)
May 05, 2021
VMSA-2021-0007VMware vRealize Business for Cloud updates address a remote code execution vulnerability (CVE-2021-21984)
April 19, 2021
VMSA-2021-0006VMware NSX-T updates address a privilege escalation vulnerability (CVE-2021-21981)
April 01, 2021
VMSA-2021-0005VMware Carbon Black Cloud Workload appliance incorrect URL handling vulnerability (CVE-2021-21982)
March 30, 2021
VMSA-2021-0004.2VMware vRealize Operations updates address Server Side Request Forgery and Arbitrary File Write vulnerabilities
March 02, 2021
VMSA-2021-0003VMware View Planner update addresses remote code execution vulnerability (CVE-2021-21978)
February 23, 2021
VMSA-2021-0002VMware ESXi and vCenter Server updates address multiple security vulnerabilities (CVE-2021-21972, CVE-2021-21973, CVE-2021-21974)
February 11, 2021
VMSA-2021-0001vSphere Replication updates address a command injection vulnerability (CVE-2021-21976)
February 09, 2021
VMSA-2020-0029.1VMware ESXi, Workstation, Fusion and Cloud Foundation updates address a denial of service vulnerability (CVE-2020-3999)
December 15, 2020
VMSA-2020-0028Carbon Black Cloud macOS Sensor installer updates address file overwrite issue (CVE-2020-4008)
November 23, 2020
VMSA-2020-0027.2VMware Workspace One Access, Access Connector, Identity Manager, and Identity Manager Connector address command injection vulnerability
November 19, 2020
VMSA-2020-0026.1VMware ESXi, Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities (CVE-2020-4004, CVE-2020-4005)
November 18, 2020
VMSA-2020-0025VMware SD-WAN Orchestrator updates address multiple security vulnerabilities (CVE-2020-3984, CVE-2020-3985, CVE-2020-4000, CVE-2020-4001, CVE-2020-4002 ,CVE-2020-4003)
October 22, 2020
VMSA-2020-0024VMware Horizon Server and VMware Horizon Client updates address multiple security vulnerabilities (CVE-2020-3997, CVE-2020-3998)
October 20, 2020
VMSA-2020-0023.3VMware ESXi, Workstation, Fusion and NSX-T updates address multiple security vulnerabilities (CVE-2020-3981, CVE-2020-3982, CVE-2020-3992, CVE-2020-3993, CVE-2020-3994, CVE-2020-3995)
October 15, 2020
VMSA-2020-0022VMware Horizon Client update addresses a denial-of-service vulnerability (CVE-2020-3991)
September 21, 2020
VMSA-2020-0021Horizon DaaS update addresses a broken authentication vulnerability (CVE-2020-3977)
September 14, 2020
VMSA-2020-0020.1VMware Workstation, Fusion and Horizon Client updates address multiple security vulnerabilities (CVE-2020-3980, CVE-2020-3986, CVE-2020-3987, CVE-2020-3988, CVE-2020-3989, CVE-2020-3990)
August 20, 2020
VMSA-2020-0019VMware App Volumes patches address Stored Cross-Site Scripting (XSS) vulnerability (CVE-2020-3975)
August 20, 2020
VMSA-2020-0018VMware ESXi, vCenter Server, and Cloud Foundation updates address a partial denial of service vulnerability (CVE-2020-3976)
July 09, 2020
VMSA-2020-0017VMware Fusion, VMware Remote Console and Horizon Client updates address a privilege escalation vulnerability (CVE-2020-3974)
July 07, 2020
VMSA-2020-0016VMware SD-WAN by VeloCloud updates address SQL-injection vulnerability (CVE-2020-3973)
June 24, 2020
VMSA-2020-0015VMware ESXi, Workstation, and Fusion updates address multiple security vulnerabilities (CVE-2020-3962, CVE-2020-3963, CVE-2020-3964, CVE-2020-3965, CVE-2020-3966, CVE-2020-3967, CVE-2020-3968, CVE-2020-3969, CVE-2020-3970, CVE-2020-3971)
June 18, 2020
VMSA-2020-0014VMware Tools for macOS update addresses a denial-of-service vulnerability (CVE-2020-3972)
June 09, 2020
VMSA-2020-0013VMware Horizon Client for Windows update addresses privilege escalation vulnerability (CVE-2020-3961)
June 09, 2020
VMSA-2020-0013VMware Horizon Client for Windows update addresses privilege escalation vulnerability (CVE-2020-3961)
June 09, 2020
VMSA-2020-0012VMware ESXi, Workstation and Fusion updates address out-of-bounds read vulnerability (CVE-2020-3960)
May 28, 2020
VMSA-2020-0011.1VMware ESXi, Workstation, Fusion, VMware Remote Console and Horizon Client updates address multiple security vulnerabilities (CVE-2020-3957, CVE-2020-3958, CVE-2020-3959)
May 19, 2020
VMSA-2020-0010VMware Cloud Director updates address Code Injection Vulnerability (CVE-2020-3956)
May 08, 2020
VMSA-2020-0009.1vRealize Operations Application Remote Collector (ARC) addresses Authentication Bypass and Directory Traversal vulnerabilities (CVE-2020-11651, CVE-2020-11652)
April 28, 2020
VMSA-2020-0008VMware ESXi patches address Stored Cross-Site Scripting (XSS) vulnerability (CVE-2020-3955)
April 14, 2020
VMSA-2020-0007.2VMware vRealize Log Insight addresses Cross Site Scripting (XSS) and Open Redirect vulnerabilities (CVE-2020-3953, CVE-2020-3954)
April 10, 2020
VMSA-2020-0006.1VMware vCenter Server updates address sensitive information disclosure vulnerability in the VMware Directory Service (vmdir) (CVE-2020-3952)
March 17, 2020
VMSA-2020-0005.2VMware Workstation, Fusion, VMware Remote Console and Horizon Client updates address privilege escalation and denial-of-service vulnerabilities (CVE-2020-3950, CVE-2020-3951)
March 12, 2020
VMSA-2020-0004.1VMware Horizon Client, VMRC, VMware Workstation and Fusion updates address use-after-free and privilege escalation vulnerabilities (CVE-2019-5543, CVE-2020-3947, CVE-2020-3948)
February 18, 2020
VMSA-2020-0003vRealize Operations for Horizon Adapter updates address multiple security vulnerabilities (CVE-2020-3943, CVE-2020-3944, CVE-2020-3945)
January 14, 2020
VMSA-2020-0002VMware Tools workaround addresses a local privilege escalation vulnerability (CVE-2020-3941)
January 09, 2020
VMSA-2020-0001VMware Workspace ONE SDK and dependent mobile application updates address sensitive information disclosure vulnerability (CVE-2020-3940)
December 19, 2019
VMSA-2019-0023VMware Workstation and Horizon View Agent updates address a DLL-hijacking issue (CVE-2019-5539)
December 05, 2019
VMSA-2019-0022VMware ESXi and Horizon DaaS updates address OpenSLP remote code execution vulnerability (CVE-2019-5544)
November 12, 2019
VMSA-2019-0021VMware Workstation and Fusion updates address multiple security vulnerabilities (CVE-2019-5540, CVE-2019-5541, CVE-2019-5542)
November 12, 2019
VMSA-2019-0020VMware ESXi, Workstation, and Fusion patches provide Hypervisor-Specific Mitigations for Speculative-Execution Vulnerabilities (CVE-2018-12207, CVE-2019-11135)
October 24, 2019
VMSA-2019-0019VMware ESXi, Workstation and Fusion updates address a denial-of-service vulnerability (CVE-2019-5536)
October 24, 2019
VMSA-2019-0018VMware vCenter Server Appliance updates address sensitive information disclosure vulnerability in backup and restore functions (CVE-2019-5537, CVE-2019-5538)
October 16, 2019
VMSA-2019-0017VMware SD-WAN by VeloCloud update addresses information disclosure vulnerability (CVE-2019-5533)
October 15, 2019
VMSA-2019-0016VMware Cloud Foundation and VMware Harbor Container Registry for PCF address broken access control vulnerability (CVE-2019-16919)
September 24, 2019
VMSA-2019-0015VMware Cloud Foundation and VMware Harbor Container Registry for PCF address remote escalation of privilege vulnerability (CVE-2019-16097)
September 19, 2019
VMSA-2019-0014.1VMware ESXi, Workstation, Fusion, VMRC and Horizon Client updates address use-after-free and denial of service vulnerabilities. (CVE-2019-5527, CVE-2019-5535)
September 16, 2019
VMSA-2019-0013.1VMware ESXi and vCenter Server updates address command injection and information disclosure vulnerabilities. (CVE-2017-16544, CVE-2019-5531, CVE-2019-5532, CVE-2019-5534)
August 02, 2019
VMSA-2019-0012VMware ESXi, Workstation and Fusion updates address out-of-bounds read/write vulnerabilities (CVE-2019-5521, CVE-2019-5684)
July 09, 2019
VMSA-2019-0011.1ESXi patches address partial denial of service vulnerability in hostd process (CVE-2019-5528)
July 03, 2019
VMSA-2019-0010.3VMware product updates address Linux kernel vulnerabilities in TCP Selective Acknowledgement (SACK) (CVE-2019-11477, CVE-2019-11478)
June 06, 2019
VMSA-2019-0009VMware Tools and Workstation updates address out of bounds read and use-after-free vulnerabilities. (CVE-2019-5522, CVE-2019-5525)
May 14, 2019
VMSA-2019-0008.2VMware product updates enable Hypervisor-Specific Mitigations, Hypervisor-Assisted Guest Mitigations, and Operating System-Specific Mitigations for Microarchitectural Data Sampling (MDS) Vulnerabilities (CVE-2018-12126, CVE-2018-12127, CVE-2018-12130, and CVE-2019-11091)
May 14, 2019
VMSA-2019-0007VMware Workstation update addresses a DLL-hijacking issue (CVE-2019-5526)
April 11, 2019
VMSA-2019-0006VMware ESXi, Workstation and Fusion updates address multiple out-of-bounds read vulnerabilities
March 28, 2019
VMSA-2019-0005.1VMware ESXi, Workstation and Fusion updates address multiple security issues.
March 28, 2019
VMSA-2019-0004VMware vCloud Director for Service Providers update resolves a Remote Session Hijack vulnerability
March 14, 2019
VMSA-2019-0003VMware Horizon update addresses Connection Server information disclosure vulnerability.
February 15, 2019
VMSA-2019-0001.3VMware product updates resolve mishandled file descriptor vulnerability in runc container runtime.
December 18, 2018
VMSA-2018-0031vRealize Operations updates address a local privilege escalation vulnerability
November 22, 2018
VMSA-2018-0030VMware Workstation and Fusion updates address an integer overflow issue.
November 20, 2018
VMSA-2018-0029vSphere Data Protection (VDP) updates address multiple security issues.
November 13, 2018
VMSA-2018-0028VMware vRealize Log Insight updates address an authorization bypass vulnerability
November 09, 2018
VMSA-2018-0027VMware ESXi, Workstation, and Fusion updates address uninitialized stack memory usage
October 16, 2018
VMSA-2018-0026VMware ESXi, Workstation, and Fusion updates address an out-of-bounds read vulnerability
October 09, 2018
VMSA-2018-0025VMware ESXi, Workstation, and Fusion workarounds address a denial-of-service vulnerability
October 04, 2018
VMSA-2018-0024.1VMware Workspace ONE Unified Endpoint Management Console (AirWatch Console) update resolves SAML authentication bypass vulnerability
September 05, 2018
VMSA-2018-0023AirWatch Agent and VMware Content Locker updates resolve data protection vulnerabilities
August 14, 2018
VMSA-2018-0022VMware Workstation and Fusion updates address an out-of-bounds write issue
August 14, 2018
VMSA-2018-0021.2Operating System-Specific Mitigations address L1 Terminal Fault - OS vulnerability in VMware Virtual Appliances.
August 14, 2018
VMSA-2018-0020VMware vSphere, Workstation, and Fusion updates enable Hypervisor-Specific Mitigations for L1 Terminal Fault - VMM vulnerability.
August 07, 2018
VMSA-2018-0019.1Horizon 6, 7, and Horizon Client for Windows updates address an out-of-bounds read vulnerability
July 19, 2018
VMSA-2018-0018VMware Horizon View Agent, VMware ESXi, Workstation, and Fusion updates resolve multiple security issues
June 28, 2018
VMSA-2018-0016VMware ESXi, Workstation, and Fusion updates address multiple out-of-bounds read vulnerabilities
June 11, 2018
VMSA-2018-0015.1VMware AirWatch Agent updates resolve remote code execution vulnerability.
May 29, 2018
VMSA-2018-0014VMware Horizon Client update addresses a privilege escalation vulnerability
May 22, 2018
VMSA-2018-0012.1VMware vSphere, Workstation and Fusion updates enable Hypervisor-Assisted Guest Mitigations for Speculative Store Bypass issue.
May 21, 2018
VMSA-2018-0013VMware Workstation and Fusion updates address signature bypass and multiple denial-of-service vulnerabilities
May 15, 2018
VMSA-2018-0011.2Unauthenticated Command Injection vulnerability in VMware SD-WAN by VeloCloud
March 15, 2018
VMSA-2018-0008Workstation and Fusion updates address a denial-of-service vulnerability
February 07, 2018
VMSA-2018-0007.6VMware Virtual Appliance updates address side-channel analysis due to speculative execution
January 26, 2018
VMSA-2018-0006vRealize Automation, vSphere Integrated Containers, and AirWatch Console updates address multiple security vulnerabilities
January 10, 2018
VMSA-2018-0005VMware Workstation, and Fusion updates resolve use-after-free and integer-overflow vulnerabilities
January 09, 2018
VMSA-2018-0004.3VMware vSphere, Workstation and Fusion updates add Hypervisor-Assisted Guest Remediation for speculative execution issue
January 04, 2018
VMSA-2018-0003vRealize Operations for Horizon, vRealize Operations for Published Applications, Workstation, Horizon View Client and Tools updates resolve multiple security vulnerabilities
January 03, 2018
VMSA-2018-0002.3VMware ESXi, Workstation and Fusion updates address side-channel analysis due to speculative execution.
January 02, 2018
VMSA-2018-0001vSphere Data Protection (VDP) updates address multiple security issues.
December 19, 2017
VMSA-2017-0021VMware ESXi, vCenter Server Appliance, Workstation and Fusion updates address multiple security vulnerabilities
December 12, 2017
VMSA-2017-0020VMware AirWatch Console updates address Broken Access Control vulnerability.
November 17, 2017
VMSA-2017-0019NSX for vSphere update addresses NSX Edge Cross-Site Scripting (XSS) issue.
November 16, 2017
VMSA-2017-0018.1VMware Workstation, Fusion and Horizon View Client updates resolve multiple security vulnerabilities
November 10, 2017
VMSA-2017-0017VMware vCenter Server update resolves LDAP DoS, SSRF and CRLF injection issues
November 09, 2017
VMSA-2017-0016VMware AirWatch Console and Launcher for Android updates resolve multiple vulnerabilities.
September 14, 2017
VMSA-2017-0015.2VMware ESXi, vCenter Server, Fusion and Workstation updates resolve multiple security vulnerabilities
July 27, 2017
VMSA-2017-0013VMware vCenter Server and Tools updates resolve multiple security vulnerabilities
June 06, 2017
VMSA-2017-0010vSphere Data Protection (VDP) updates address multiple security issues.
April 18, 2017
VMSA-2017-0008.2VMware Unified Access Gateway, Horizon View and Workstation updates resolve multiple security vulnerabilities
April 13, 2017
VMSA-2017-0007VMware vCenter Server updates resolve a remote code execution vulnerability via BlazeDS
March 28, 2017
VMSA-2017-0006VMware ESXi, Workstation and Fusion updates address critical and moderate security issues
March 14, 2017
VMSA-2017-0005VMware Workstation and Fusion updates address out-of-bounds memory access vulnerability
March 13, 2017
VMSA-2017-0004.7VMware product updates resolve remote code execution vulnerability via Apache Struts 2
January 30, 2017
VMSA-2017-0001AirWatch updates address bypass of root detection and local container encryption
December 20, 2016
VMSA-2016-0024.1vSphere Data Protection (VDP) update addresses SSH key-based authentication issue
November 22, 2016
VMSA-2016-0022VMware product updates address information disclosure vulnerabilities
November 22, 2016
VMSA-2016-0021VMware product updates address partial information disclosure vulnerability
November 15, 2016
VMSA-2016-0020vRealize Operations update addresses REST API deserialization vulnerability
November 13, 2016
VMSA-2016-0019VMware Workstation and Fusion updates address critical out-of-bounds memory access vulnerability
November 09, 2016
VMSA-2016-0018.3VMware product updates address local privilege escalation vulnerability in Linux kernel
October 25, 2016
VMSA-2016-0017VMware product updates address multiple information disclosure issues
October 11, 2016
VMSA-2016-0016.1vRealize Operations (vROps) updates address privilege escalation vulnerability
October 06, 2016
VMSA-2016-0015VMware Horizon View updates address directory traversal vulnerability
September 13, 2016
VMSA-2016-0014.1VMware ESXi, Workstation, Fusion, and Tools updates address multiple security issues
August 23, 2016
VMSA-2016-0013VMware Identity Manager and vRealize Automation updates address multiple security issues
August 12, 2016
VMSA-2016-0011vRealize Log Insight update addresses directory traversal vulnerability
June 14, 2016
VMSA-2016-0009VMware vCenter Server updates address an important reflected cross-site scripting issue
June 09, 2016
VMSA-2016-0008VMware vRealize Log Insight addresses important and moderate security issues
June 09, 2016
VMSA-2016-0007.2VMware NSX and vCNS product updates address a critical information disclosure vulnerability
May 24, 2016
VMSA-2016-0006VMware vCenter Server updates address an important cross-site scripting issue
April 14, 2016
VMSA-2016-0004VMware product updates address a critical security issue in the VMware Client Integration Plugin
March 15, 2016
VMSA-2016-0003VMware vRealize Automation and vRealize Business Advanced and Enterprise address Cross-Site Scripting (XSS) issues.
February 22, 2016
VMSA-2016-0002.1VMware product updates address a critical glibc security vulnerability.
January 07, 2016
VMSA-2016-0001VMware ESXi, Fusion, Player, and Workstation updates address important guest privilege escalation vulnerability
December 18, 2015
VMSA-2015-0009.5VMware vCenter Server updates address an important reflected cross-site scripting issue
September 16, 2015
VMSA-2015-0006.1VMware vCenter Server updates address a LDAP certificate validation issue
July 09, 2015
VMSA-2015-0005VMware Workstation, Player and Horizon View Client for Windows updates address a host privilege escalation vulnerability
June 09, 2015
VMSA-2015-0004VMware Workstation, Fusion and Horizon View Client updates address critical security issues
April 02, 2015
VMSA-2015-0003.14VMware product updates address critical information disclosure issue in JRE.
January 29, 2015
VMSA-2015-0002VMware vSphere Data Protection product update addresses a certificate validation vulnerability.
January 27, 2015
VMSA-2015-0001.2VMware vCenter Server, ESXi, Workstation, Player, and Fusion updates address security issues
December 10, 2014
VMSA-2014-0014AirWatch by VMware product update addresses information disclosure vulnerabilities
December 09, 2014
VMSA-2014-0013VMware vCloud Automation Center product updates address a critical remote privilege escalation vulnerability
October 22, 2014
VMSA-2014-0011VMware vSphere Data Protection product update addresses a critical information disclosure vulnerability.
September 30, 2014
VMSA-2014-0010.13VMware product updates address critical Bash security vulnerabilities
September 11, 2014
VMSA-2014-0009VMware NSX and vCNS product updates address a critical information disclosure vulnerability.
June 24, 2014
VMSA-2014-0007.2VMware product updates address security vulnerabilities in Apache Struts library
May 29, 2014
VMSA-2014-0005VMware Workstation, Player, Fusion, and ESXi patches address a guest privilege escalation
January 16, 2014
VMSA-2014-0001VMware Workstation, Player, Fusion, ESXi, ESX and vCloud Director address several security issues
December 22, 2013
VMSA-2013-0016VMware ESXi and ESX unauthorized file access through vCenter Server and ESX
December 03, 2013
VMSA-2013-0014VMware Workstation, Fusion, ESXi and ESX patches address a guest privilege escalation
February 21, 2013
VMSA-2013-0003VMware vCenter Server, ESXi and ESX address an NFC Protocol memory corruption and third party library security issues.
February 07, 2013
VMSA-2013-0002.1VMware ESX, Workstation, Fusion, and View VMCI privilege escalation vulnerability
January 31, 2013
VMSA-2013-0001.5VMware vSphere security updates for the authentication service and third party libraries
October 04, 2012
VMSA-2012-0014VMware vCenter Operations, CapacityIQ, and Movie Decoder security updates
June 14, 2012
VMSA-2012-0011VMware hosted products and ESXi and ESX patches address security issues
May 03, 2012
VMSA-2012-0009.2VMware Workstation, Player, ESXi and ESX patches address critical security issues
April 12, 2012
VMSA-2012-0007.1VMware hosted products and ESXi/ESX patches address privilege escalation
March 15, 2012
VMSA-2012-0005.4VMware vCenter Server, Orchestrator, Update Manager, vShield, vSphere Client, ESXi and ESX address several security issues
March 08, 2012
VMSA-2012-0002VMware vCenter Chargeback Manager Information Leak and Denial of Service
January 30, 2012
VMSA-2012-0001.2VMware ESXi and ESX updates to third party library and ESX Service Console
November 17, 2011
VMSA-2011-0014VMware vCenter Update Manager fix for Jetty Web server addresses directory traversal vulnerability
October 27, 2011
VMSA-2011-0013.3VMware third party component updates for VMware vCenter Server, vCenter Update Manager, ESXi and ESX
October 12, 2011
VMSA-2011-0012.3VMware ESXi and ESX updates to third party libraries and ESX Service Console
October 04, 2011
VMSA-2011-0011Hosted product updates address a remote code execution vulnerability in the way UDF file systems are handled
July 28, 2011
VMSA-2011-0010.3VMware ESX third party updates for Service Console packages glibc and dhcp
June 02, 2011
VMSA-2011-0009.3VMware hosted product updates, ESX patches and VI Client update resolve multiple security issue
April 28, 2011
VMSA-2011-0007VMware ESXi and ESX Denial of Service and third party updates for Likewise components and ESX Service Console
March 14, 2011
VMSA-2011-0005.3VMware vCenter Orchestrator and Alive Enterprise remote code execution vulnerability
March 07, 2011
VMSA-2011-0004.3VMware ESX/ESXi SLPD denial of service vulnerability and ESX third party updates for Service Console packages bind, pam, and rpm.
February 07, 2011
VMSA-2011-0002Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi
February 07, 2011
VMSA-2011-0003.2Cisco Nexus 1000V VEM updates address denial of service in VMware ESX/ESXi
January 04, 2011
VMSA-2011-0001.3VMware ESX third party updates for Service Console packages glibc, sudo, and openldap
December 02, 2010
VMSA-2010-0018VMware hosted products and ESX patches resolve multiple security issues
November 15, 2010
VMSA-2010-0016.1VMware ESXi and ESX third party updates for Service Console and Likewise components
September 23, 2010
VMSA-2010-0014.1VMware Workstation, Player, and ACE address several security issues.
July 19, 2010
VMSA-2010-0012.2VMware vCenter Update Manager fix for Jetty Web server addresses important security vulnerabilities
July 13, 2010
VMSA-2010-0011VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0.
May 05, 2010
VMSA-2010-0008VMware View 3.1.3 addresses an important cross-site scripting vulnerability
April 09, 2010
VMSA-2010-0007.1VMware hosted products, vCenter Server and ESX patches resolve multiple security issues
January 29, 2010
VMSA-2010-0002.4VMware vCenter update release addresses multiple security issues in Java JRE
December 15, 2009
VMSA-2009-0017VMware vCenter, ESX patch and vCenter Lab Manager releases address cross-site scripting issues
November 20, 2009
VMSA-2009-0016.6VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components
October 16, 2009
VMSA-2009-0014.3VMware ESX patches for DHCP, Service Console kernel, and JRE resolve multiple security issues
September 18, 2009
VMSA-2008-0015Updated ESXi and ESX 3.5 packages address critical security issue in openwsman
September 04, 2009
VMSA-2009-0012VMware Movie Decoder, VMware Workstation, VMware Player, and VMware ACE resolve security issues.
August 31, 2009
VMSA-2009-0011VMware Studio 2.1 addresses security vulnerabilities in virtual appliances created with Studio 2.0
April 10, 2009
VMSA-2009-0006VMware Hosted products and patches for ESX and ESXi resolve a critical security vulnerability
April 03, 2009
VMSA-2009-0005VMware Hosted products, VI Client and patches for ESX and ESXi resolve multiple security issues
February 23, 2009
VMSA-2009-0002.2VirtualCenter Update 4 and ESX patch update Tomcat to version 5.5.27
January 30, 2009
VMSA-2009-0001.1ESX patches address an issue loading corrupt virtual disks and update Service Console packages
December 08, 2008
VMSA-2008-0012Updated VirtualCenter addresses User Account Disclosure Vulnerability
December 02, 2008
VMSA-2008-0019.1VMware Hosted products and patches for ESX and ESXi resolve a critical security issue and update bzip2
November 06, 2008
VMSA-2008-0018VMware Hosted products and patches for ESX and ESXi resolve two security issues
October 03, 2008
VMSA-2008-0016.3VMware Hosted products, VirtualCenter Update 3 and patches for ESX and ESXi resolve multiple security issues
August 29, 2008
VMSA-2008-0014.3Updates to VMware Workstation, VMware Player, VMware ACE, VMware Server, VMware ESX, VMware VCB address information disclosure, privilege escalation and other security issues.
June 16, 2008
VMSA-2008-0010.3Updated Tomcat and Java JRE packages for VMware ESX 3.5 and VirtualCenter
June 04, 2008
VMSA-2008-0009.2Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion, VMware Server, VMware VIX API, VMware ESX, VMware ESXi resolve critical security issues
May 30, 2008
VMSA-2008-0008Updates to VMware Workstation, VMware Player, VMware ACE, VMware Fusion resolve critical security issues
April 15, 2008
VMSA-2008-0007.2Moderate Updated Service Console packages pcre, net-snmp, and OpenPegasus
March 17, 2008
VMSA-2008-0005.1Several critical security vulnerabilities have been addressed in the newest releases of VMware's hosted product line
February 04, 2008
VMSA-2008-0003.1Updated aacraid driver and Samba and Python service console updates
January 07, 2008
VMSA-2008-0002.1Updated Tomcat and Java JRE packages for VirtualCenter 2.5, VirtualCenter 2.0.2, ESX 3.5, ESX 3.0.2, and ESX 3.0.1.
September 18, 2007
VMSA-2007-0006Updated versions of all supported hosted products and all ESX 2x products and patches for ESX 30x address critical security updates. Service Console security updates for samba, bind, krb5, vixie-cron, shadow-utils, openldap, pam, gcc, and gdb packages.
July 05, 2007
VMSA-2007-0005Updated Service Console packages (XFree86, UP and SMP kernels, Kerberos libraries) resolve security issues.