Vulnerabilities Patched by Juniper, VMware and Zoom 

Posted on By CWS

Juniper Networks, VMware, and Zoom have printed a complete of ten safety advisories describing dozens of vulnerabilities patched throughout their product portfolios.

Juniper on Tuesday introduced fixes for practically 90 bugs in third-party dependencies in Safe Analytics, the digital equipment that collects safety occasions from community gadgets, endpoints, and purposes.

Patches for these points, most of which had been disclosed final 12 months, had been included in Safe Analytics model 7.5.0 UP11 IF03. A few of the flaws are dated 2016, 2019, and 2020, and three of them are rated ‘essential severity’.

VMware printed two advisories coping with a high-severity XSS defect within the VMware Aria automation equipment (tracked as CVE-2025-22249) and a medium-severity insecure file dealing with difficulty in VMware Instruments (tracked as CVE-2025-22247).

The primary vulnerability permits an attacker to steal the entry token of a logged-in consumer by convincing the sufferer to click on on a crafted hyperlink, whereas the second allows a risk actor with non-administrative privileges on a visitor VM to switch native information and set off insecure file operations inside the VM.

Zoom on Tuesday launched seven advisories detailing 9 safety defects in Zoom Office Apps throughout desktop and cell platforms.

Essentially the most extreme of the problems is CVE-2025-30663 (CVSS rating of 8.8), a high-severity time-of-check time-of-use race situation that would permit an area, authenticated attacker to raise their privileges.

The remaining eight flaws are medium-severity bugs that permit attackers to raise privileges, trigger denial of service (DoS), or impression utility integrity.Commercial. Scroll to proceed studying.

Whereas Juniper, VMware, and Zoom make no point out of any of those vulnerabilities being exploited within the wild, customers are suggested to use the contemporary patches as quickly as doable.

Associated: Ivanti Patches Two EPMM Zero-Days Exploited to Hack Clients

Associated: SAP Patches One other Exploited NetWeaver Vulnerability

Associated: Adobe Patches Large Batch of Vital-Severity Software program Flaws

Associated: Radware Says Lately Disclosed WAF Bypasses Have been Patched in 2023

Security Week News Tags:, , , ,

Related Posts

Valarian Bags $20M Seed Capital for ‘Isolation-First’ Infrastructure Tech Security Week News
35,000 Solar Power Systems Exposed to Internet Security Week News
Chrome to Distrust Chunghwa Telecom and Netlock Certificates Security Week News
Ahold Delhaize Data Breach Impacts 2.2 Million People Security Week News
Akamai, Microsoft Disagree on Severity of Unpatched ‘BadSuccessor’ Flaw Security Week News
Security Firm Andy Frain Says 100,000 People Impacted by Ransomware Attack Security Week News