Note:
This project will be discontinued after December 13, 2021. [more]
Product:
Vcenter_server
(Vmware)| Repositories |
Unknown: This might be proprietary software. |
| #Vulnerabilities | 75 |
| Date | Id | Summary | Products | Score | Patch | Annotated |
|---|---|---|---|---|---|---|
| 2009-08-27 | CVE-2009-2698 | The udp_sendmsg function in the UDP implementation in (1) net/ipv4/udp.c and (2) net/ipv6/udp.c in the Linux kernel before 2.6.19 allows local users to gain privileges or cause a denial of service (NULL pointer dereference and system crash) via vectors involving the MSG_MORE flag and a UDP socket. | Ubuntu_linux, Fedora, Linux_kernel, Enterprise_linux_desktop, Enterprise_linux_eus, Enterprise_linux_server, Enterprise_linux_server_aus, Enterprise_linux_workstation, Linux_enterprise_desktop, Linux_enterprise_server, Esxi, Vcenter_server | 7.8 | ||
| 2009-03-25 | CVE-2009-1072 | nfsd in the Linux kernel before 2.6.28.9 does not drop the CAP_MKNOD capability before handling a user request in a thread, which allows local users to create device nodes, as demonstrated on a filesystem that has been exported with the root_squash option. | Ubuntu_linux, Debian_linux, Linux_kernel, Opensuse, Linux_enterprise_desktop, Linux_enterprise_server, Esx, Server, Vcenter_server, Virtualcenter, Vma | N/A | ||
| 2022-12-13 | CVE-2022-31698 | The vCenter Server contains a denial-of-service vulnerability in the content library service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to trigger a denial-of-service condition by sending a specially crafted header. | Cloud_foundation, Vcenter_server | 5.3 | ||
| 2021-09-23 | CVE-2021-22005 | The vCenter Server contains an arbitrary file upload vulnerability in the Analytics service. A malicious actor with network access to port 443 on vCenter Server may exploit this issue to execute code on vCenter Server by uploading a specially crafted file. | Cloud_foundation, Vcenter_server | 9.8 | ||
| 2023-06-22 | CVE-2023-20892 | The vCenter Server contains a heap overflow vulnerability due to the usage of uninitialized memory in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit heap-overflow vulnerability to execute arbitrary code on the underlying operating system that hosts vCenter Server. | Vcenter_server | 9.8 | ||
| 2023-06-22 | CVE-2023-20893 | The VMware vCenter Server contains a use-after-free vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may exploit this issue to execute arbitrary code on the underlying operating system that hosts vCenter Server. | Vcenter_server | 9.8 | ||
| 2023-06-22 | CVE-2023-20894 | The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bound write by sending a specially crafted packet leading to memory corruption. | Vcenter_server | 9.8 | ||
| 2023-06-22 | CVE-2023-20895 | The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corruption vulnerability which may bypass authentication. | Vcenter_server | 9.8 | ||
| 2023-06-22 | CVE-2023-20896 | The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-bounds read by sending a specially crafted packet leading to denial-of-service of certain services (vmcad, vmdird, and vmafdd). | Vcenter_server | 7.5 | ||
| 2021-09-23 | CVE-2021-22015 | The vCenter Server contains multiple local privilege escalation vulnerabilities due to improper permissions of files and directories. An authenticated local user with non-administrative privilege may exploit these issues to elevate their privileges to root on vCenter Server Appliance. | Cloud_foundation, Vcenter_server | 7.8 |