Vulnerabilities Patched by Juniper, VMware and Zoom

Post Views: 4

Juniper Networks, VMware, and Zoom have published a total of ten security advisories describing dozens of vulnerabilities patched across their product portfolios.

Juniper on Tuesday announced fixes for nearly 90 bugs in third-party dependencies in Secure Analytics, the virtual appliance that collects security events from network devices, endpoints, and applications.

Patches for these issues, most of which were disclosed last year, were included in Secure Analytics version 7.5.0 UP11 IF03. Some of the flaws are dated 2016, 2019, and 2020, and three of them are rated ‘critical severity’.

VMware published two advisories dealing with a high-severity XSS defect in the VMware Aria automation appliance (tracked as CVE-2025-22249) and a medium-severity insecure file handling issue in VMware Tools (tracked as CVE-2025-22247).

The first vulnerability allows an attacker to steal the access token of a logged-in user by convincing the victim to click on a crafted link, while the second enables a threat actor with non-administrative privileges on a guest VM to modify local files and trigger insecure file operations within the VM.

Zoom on Tuesday released seven advisories detailing nine security defects in Zoom Workplace Apps across desktop and mobile platforms.

The most severe of the issues is CVE-2025-30663 (CVSS score of 8.8), a high-severity time-of-check time-of-use race condition that could allow a local, authenticated attacker to elevate their privileges.

The remaining eight flaws are medium-severity bugs that allow attackers to elevate privileges, cause denial of service (DoS), or impact application integrity.

Advertisement. Scroll to continue reading.

While Juniper, VMware, and Zoom make no mention of any of these vulnerabilities being exploited in the wild, users are advised to apply the fresh patches as soon as possible.

Related: Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers

Related: SAP Patches Another Exploited NetWeaver Vulnerability

Related: Adobe Patches Big Batch of Critical-Severity Software Flaws

Related: Radware Says Recently Disclosed WAF Bypasses Were Patched in 2023

Source link

What's Hot

Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware

Key takeaways from day two of Donald Trump’s tour of the Middle East | Donald Trump News

Hitachi ZeroCarbon and MUFG partner to remove cost barriers for fleet electrification

Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware

Chipmaker Patch Tuesday: Intel, AMD, Arm Respond to New CPU Attacks

Kosovar Administrator of Cybercrime Marketplace Extradited to US

EU Cybersecurity Agency ENISA Launches European Vulnerability Database

Fortinet Patches Zero-Day Exploited Against FortiVoice Appliances

Ivanti Patches Two EPMM Zero-Days Exploited to Hack Customers

Here’s How Much Selena Gomez-Actress, Singer, Entrepreneur-Is Worth

Looking Back At Trump’s Years-Long Obsession With Oversized Airplanes

Skechers’ Greenbergs Set To Pocket Up To $1.1 Billion From Sale To 3G

Trump Organization Admits President Still Controls His Business

Google Ships Android ‘Advanced Protection’ Mode to Thwart Surveillance Spyware

Key takeaways from day two of Donald Trump’s tour of the Middle East | Donald Trump News

Hitachi ZeroCarbon and MUFG partner to remove cost barriers for fleet electrification

UK carbon credit boom could fuel £1bn in tax and 135,000 green jobs by 2035

Our Picks

OpenAI pledges to publish AI safety test results more often

Stability AI releases an audio-generating model that can run on smartphones

DeepMind claims its newest AI tool is a whiz at math and science problems

What's Hot

Vulnerabilities Patched by Juniper, VMware and Zoom

Related Posts

Subscribe to Updates