Please turn on your JavaScript for this page to function normally.
vmware
VMware fixes critical vCenter Server RCE bug – again! (CVE-2024-38812)

Broadcom has released new patches for previously fixed vulnerabilities (CVE-2024-38812, CVE-2024-38813) in vCenter Server, one of which hasn’t been fully addressed the …

vmware
Critical VMware vCenter Server bugs fixed (CVE-2024-38812)

Broadcom has released fixes for two vulnerabilities affecting VMware vCenter Server that can be triggered by sending a specially crafted network packet, and could lead to …

VirtualBox
VirtualBox 7.1: This is a major update, here’s what’s new

VirtualBox is a full virtualizer for x86 hardware designed for servers, desktops, and embedded systems. VirtualBox 7.1 introduces an enhanced user interface, cloud VM …

VMware
VMware ESXi auth bypass zero-day exploited by ransomware operators (CVE-2024-37085)

Ransomware operators have been leveraging CVE-2024-37085, an authentication bypass vulnerability affecting Active Directory domain-joined VMware ESXi hypervisors, to gain full …

Docker fixes critical auth bypass flaw, again (CVE-2024-41110)

A critical-severity Docker Engine vulnerability (CVE-2024-41110) may be exploited by attackers to bypass authorization plugins (AuthZ) via specially crafted API request, …

Microsoft Crowdstrike
Microsoft releases tool to speed up recovery of systems borked by CrowdStrike update

By now, most people are aware of – or have been personally affected by – the largest IT outage the world have ever witnessed, courtesy of a defective update for …

Patch Tuesday
Microsoft fixes two zero-days exploited by attackers (CVE-2024-38080, CVE-2024-38112)

For July 2024 Patch Tuesday, Microsoft has released security updates and patches that fix 142 CVEs, including two exploited zero-days (CVE-2024-38080, CVE-2024-38112) in …

vmware
Critical RCE flaws in vCenter Server fixed (CVE-2024-37079, CVE-2024-37080)

VMware by Broadcom has fixed two critical vulnerabilities (CVE-2024-37079, CVE-2024-37080) affecting VMware vCenter Server and products that contain it: vSphere and Cloud …

vmware
VMware pushes admins to uninstall vulnerable, deprecated vSphere plugin (CVE-2024-22245, CVE-2024-22250)

VMware Enhanced Authentication Plug-in (EAP), a plugin for VMware vSphere, has two vulnerabilities (CVE-2024-22245, CVE-2024-22250) that could be exploited by attackers to …

money
Exploit writers invited to probe Chrome’s V8 engine, Google Cloud’s KVM

Google is asking bug hunters and exploit writers to develop 0-day and n-day exploits in Chrome’s V8 JavaScript engine and Google Cloud’s Kernel-based Virtual …

vmware
VMware fixes critical flaws in virtualization software (CVE-2023-20869, CVE-2023-20870)

VMware has fixed one critical (CVE-2023-20869) and three important flaws (CVE-2023-20870, CVE-2023-20871, CVE-2023-20872) in its VMware Workstation and Fusion virtual user …

CISA
CISA releases ESXiArgs ransomware recovery script

According to the latest data, the number of ESXiArgs ransomware victims has surpassed 3,800, and CISA has published a recovery script for victim organizations. Fixing the mess …

Don't miss

Cybersecurity news