VMware

Vcenter Server

81 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2025-41228

Medienbericht
  • EPSS 4.25%
  • Veröffentlicht 20.05.2025 14:24:34
  • Zuletzt bearbeitet 21.05.2025 20:25:16

VMware ESXi and vCenter Server contain a reflected cross-site scripting vulnerability due to improper input validation. A malicious actor with network access to the login page of certain ESXi host or vCenter Server URL paths may exploit this issue to...

8.8

CVE-2025-41225

Medienbericht
  • EPSS 0.05%
  • Veröffentlicht 20.05.2025 14:24:17
  • Zuletzt bearbeitet 21.05.2025 20:25:16

The vCenter Server contains an authenticated command-execution vulnerability. A malicious actor with privileges to create or modify alarms and run script action may exploit this issue to run arbitrary commands on the vCenter Server.

9.8

CVE-2024-38813

Warnung
  • EPSS 18.6%
  • Veröffentlicht 17.09.2024 18:15:04
  • Zuletzt bearbeitet 22.11.2024 02:00:03

The vCenter Server contains a privilege escalation vulnerability. A malicious actor with network access to vCenter Server may trigger this vulnerability to escalate privileges to root by sending a specially crafted network packet.

9.8

CVE-2024-38812

Warnung
  • EPSS 59.42%
  • Veröffentlicht 17.09.2024 18:15:03
  • Zuletzt bearbeitet 22.11.2024 02:00:03

The vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially l...

5.3

CVE-2024-37087

Warnung
  • EPSS 0.31%
  • Veröffentlicht 25.06.2024 15:15:12
  • Zuletzt bearbeitet 27.06.2025 13:39:54

The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition.

7.8

CVE-2024-37081

  • EPSS 56.09%
  • Veröffentlicht 18.06.2024 06:15:11
  • Zuletzt bearbeitet 21.11.2024 09:23:09

The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these issues to elevate privileges to root on vCenter Server A...

9.8

CVE-2024-37080

  • EPSS 44.18%
  • Veröffentlicht 18.06.2024 06:15:11
  • Zuletzt bearbeitet 13.03.2025 15:15:45

vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leadi...

9.8

CVE-2024-37079

  • EPSS 48.28%
  • Veröffentlicht 18.06.2024 06:15:11
  • Zuletzt bearbeitet 14.03.2025 14:15:16

vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending a specially crafted network packet potentially leadi...

7.2

CVE-2024-22274

  • EPSS 61.45%
  • Veröffentlicht 21.05.2024 18:15:09
  • Zuletzt bearbeitet 27.06.2025 13:37:52

The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbitrary commands on the underlying operating system.

4.9

CVE-2024-22275

  • EPSS 7.25%
  • Veröffentlicht 21.05.2024 18:15:09
  • Zuletzt bearbeitet 27.06.2025 13:38:06

The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary files containing sensitive data.