Vulnerabilities Patched by Juniper, VMware and Zoom 

Vulnerabilities Patched by Juniper, VMware and Zoom 

Posted on By CWS

Juniper Networks, VMware, and Zoom have printed a complete of ten safety advisories describing dozens of vulnerabilities patched throughout their product portfolios.

Juniper on Tuesday introduced fixes for practically 90 bugs in third-party dependencies in Safe Analytics, the digital equipment that collects safety occasions from community gadgets, endpoints, and purposes.

Patches for these points, most of which had been disclosed final 12 months, had been included in Safe Analytics model 7.5.0 UP11 IF03. A few of the flaws are dated 2016, 2019, and 2020, and three of them are rated ‘essential severity’.

VMware printed two advisories coping with a high-severity XSS defect within the VMware Aria automation equipment (tracked as CVE-2025-22249) and a medium-severity insecure file dealing with difficulty in VMware Instruments (tracked as CVE-2025-22247).

The primary vulnerability permits an attacker to steal the entry token of a logged-in consumer by convincing the sufferer to click on on a crafted hyperlink, whereas the second allows a risk actor with non-administrative privileges on a visitor VM to switch native information and set off insecure file operations inside the VM.

Zoom on Tuesday launched seven advisories detailing 9 safety defects in Zoom Office Apps throughout desktop and cell platforms.

Essentially the most extreme of the problems is CVE-2025-30663 (CVSS rating of 8.8), a high-severity time-of-check time-of-use race situation that would permit an area, authenticated attacker to raise their privileges.

The remaining eight flaws are medium-severity bugs that permit attackers to raise privileges, trigger denial of service (DoS), or impression utility integrity.Commercial. Scroll to proceed studying.

Whereas Juniper, VMware, and Zoom make no point out of any of those vulnerabilities being exploited within the wild, customers are suggested to use the contemporary patches as quickly as doable.

Associated: Ivanti Patches Two EPMM Zero-Days Exploited to Hack Clients

Associated: SAP Patches One other Exploited NetWeaver Vulnerability

Associated: Adobe Patches Large Batch of Vital-Severity Software program Flaws

Associated: Radware Says Lately Disclosed WAF Bypasses Have been Patched in 2023

Security Week News Tags:, , , ,

Related Posts

Mondoo Raises .5 Million for Vulnerability Management Platform Mondoo Raises $17.5 Million for Vulnerability Management Platform Security Week News
Casie Antalis Named Executive Director of CISA Casie Antalis Named Executive Director of CISA Security Week News
Tech Giants Unite to Tackle Online Scams and Fraud Tech Giants Unite to Tackle Online Scams and Fraud Security Week News
Hackers Earn Over 0,000 on First Day of Pwn2Own Ireland 2025 Hackers Earn Over $520,000 on First Day of Pwn2Own Ireland 2025 Security Week News
Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities Thousands of Citrix NetScaler Instances Unpatched Against Exploited Vulnerabilities Security Week News
Alleged Conti, TrickBot Gang Leader Unmasked Alleged Conti, TrickBot Gang Leader Unmasked Security Week News