50 matches found
CVE-2023-20895
The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication...
CVE-2023-20895
The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication...
CVE-2023-20895
CVE-2023-20895 is a memory corruption vulnerability in VMware vCenter Server’s DCERPC implementation that can lead to an authentication bypass via crafted network packets. Cisco Talos reports it affects VMware vCenter Server 8.0.0.10200 and details root causes such as out-of-bounds memory access ...
CVE-2023-20894
The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption...
CVE-2023-20893
The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server...
CVE-2023-20893
The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server...
CVE-2023-20892 VMware vCenter Server heap-overflow vulnerability
The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underlying operating...
PT-2023-3414 · Vmware · Vmware Vcenter Server +1
Name of the Vulnerable Software and Affected Versions: VMware vCenter Server affected versions not specified Description: The issue is caused by a memory corruption vulnerability in the implementation of the DCERPC protocol. This vulnerability can be exploited by a malicious actor with network...
PT-2023-3750 · Vmware · Vmware Vcenter Server +1
Name of the Vulnerable Software and Affected Versions: VMware vCenter Server affected versions not specified Description: The issue is related to an out-of-bounds read vulnerability in the implementation of the DCERPC protocol in VMware vCenter Server. A malicious actor with network access to...
UBUNTU-CVE-2016-9373
In Wireshark 2.2.0 to 2.2.1 and 2.0.0 to 2.0.7, the DCERPC dissector could crash with a use-after-free, triggered by network traffic or a capture file. This was addressed in epan/dissectors/packet-dcerpc-nt.c and epan/dissectors/packet-dcerpc-spoolss.c by using the wmem file scope for private...