Lucene search

K

5 matches found

CVE
CVE
added 2023/06/22 12:15 p.m.217 views

CVE-2023-20892

The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underlying operating syst...

9.8CVSS9.2AI score0.02678EPSS
CVE
CVE
added 2022/10/07 9:15 p.m.105 views

CVE-2022-31680

The vCenter Server contains an unsafe deserialisation vulnerability in the PSC (Platform services controller). A malicious actor with admin access on vCenter server may exploit this issue to execute arbitrary code on the underlying operating system that hosts the vCenter Server.

9.1CVSS9.4AI score0.00858EPSS
CVE
CVE
added 2023/06/22 12:15 p.m.70 views

CVE-2023-20894

The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption.

9.8CVSS9.3AI score0.4335EPSS
CVE
CVE
added 2023/06/22 12:15 p.m.67 views

CVE-2023-20893

The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server.

9.8CVSS9.7AI score0.02921EPSS
CVE
CVE
added 2023/06/22 12:15 p.m.53 views

CVE-2023-20895

The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication.

9.8CVSS9.5AI score0.00396EPSS