Vulnerabilities Patched by Juniper, VMware and Zoom 

Posted on By CWS

Juniper Networks, VMware, and Zoom have printed a complete of ten safety advisories describing dozens of vulnerabilities patched throughout their product portfolios.

Juniper on Tuesday introduced fixes for practically 90 bugs in third-party dependencies in Safe Analytics, the digital equipment that collects safety occasions from community gadgets, endpoints, and purposes.

Patches for these points, most of which had been disclosed final 12 months, had been included in Safe Analytics model 7.5.0 UP11 IF03. A few of the flaws are dated 2016, 2019, and 2020, and three of them are rated ‘essential severity’.

VMware printed two advisories coping with a high-severity XSS defect within the VMware Aria automation equipment (tracked as CVE-2025-22249) and a medium-severity insecure file dealing with difficulty in VMware Instruments (tracked as CVE-2025-22247).

The primary vulnerability permits an attacker to steal the entry token of a logged-in consumer by convincing the sufferer to click on on a crafted hyperlink, whereas the second allows a risk actor with non-administrative privileges on a visitor VM to switch native information and set off insecure file operations inside the VM.

Zoom on Tuesday launched seven advisories detailing 9 safety defects in Zoom Office Apps throughout desktop and cell platforms.

Essentially the most extreme of the problems is CVE-2025-30663 (CVSS rating of 8.8), a high-severity time-of-check time-of-use race situation that would permit an area, authenticated attacker to raise their privileges.

The remaining eight flaws are medium-severity bugs that permit attackers to raise privileges, trigger denial of service (DoS), or impression utility integrity.Commercial. Scroll to proceed studying.

Whereas Juniper, VMware, and Zoom make no point out of any of those vulnerabilities being exploited within the wild, customers are suggested to use the contemporary patches as quickly as doable.

Associated: Ivanti Patches Two EPMM Zero-Days Exploited to Hack Clients

Associated: SAP Patches One other Exploited NetWeaver Vulnerability

Associated: Adobe Patches Large Batch of Vital-Severity Software program Flaws

Associated: Radware Says Lately Disclosed WAF Bypasses Have been Patched in 2023

Security Week News Tags:, , , ,

Related Posts

Washington Post Says Nearly 10,000 Employees Impacted by Oracle Hack Security Week News
Paragon ‘Graphite’ Spyware Linked to Zero-Click Hacks on Newest iPhones Security Week News
Farmers Insurance Data Breach Impacts Over 1 Million People Security Week News
Vulnerabilities in CISA KEV Are Not Equally Critical: Report Security Week News
Critical Vulnerability Exposes Many Mitel MiCollab Instances to Remote Hacking Security Week News
Iranian Man Pleads Guilty to Role in Baltimore Ransomware Attack Security Week News