VMware

Vcenter Server

81 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
4.3

CVE-2023-34056

  • EPSS 0.12%
  • Published 25.10.2023 18:17:27
  • Last modified 21.11.2024 08:06:29

vCenter Server contains a partial information disclosure vulnerability. A malicious actor with non-administrative privileges to vCenter Server may leverage this issue to access unauthorized data.

9.8

CVE-2023-34048

Warning Exploit
  • EPSS 92.9%
  • Published 25.10.2023 18:17:27
  • Last modified 20.12.2024 17:41:40

vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds write potentially leading to remote code execution.

7.5

CVE-2023-20896

  • EPSS 0.29%
  • Published 22.06.2023 13:15:09
  • Last modified 21.11.2024 07:41:46

The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leadi...

9.8

CVE-2023-20895

  • EPSS 0.4%
  • Published 22.06.2023 12:15:10
  • Last modified 21.11.2024 07:41:46

The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.

9.8

CVE-2023-20894

  • EPSS 43.35%
  • Published 22.06.2023 12:15:10
  • Last modified 21.11.2024 07:41:46

The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet lead...

9.8

CVE-2023-20893

  • EPSS 2.33%
  • Published 22.06.2023 12:15:10
  • Last modified 21.11.2024 07:41:46

The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating syste...

9.8

CVE-2023-20892

  • EPSS 2.68%
  • Published 22.06.2023 12:15:09
  • Last modified 21.11.2024 07:41:46

The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execut...

5.3

CVE-2022-31698

  • EPSS 3.39%
  • Published 13.12.2022 16:15:19
  • Last modified 22.04.2025 04:15:20

The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially c...

5.5

CVE-2022-31697

  • EPSS 0.04%
  • Published 13.12.2022 16:15:19
  • Last modified 22.04.2025 16:15:29

The vCenter Server contains an information disclosure vulnerability due to the logging of credentials in plaintext. A malicious actor with access to a workstation that invoked a vCenter Server Appliance ISO operation (Install/Upgrade/Migrate/Restore)...

9.1

CVE-2022-31680

Exploit
  • EPSS 0.86%
  • Published 07.10.2022 21:15:11
  • Last modified 21.11.2024 07:05:06

The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system t...