Vmware vcenter server
This hub aggregates every CVE we track for Vmware vcenter server, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.
69
CVEs tracked
13
Critical
30
High
11
In CISA KEV
Severity distribution
HIGH30MEDIUM26CRITICAL13
Monthly trend
0
0
2
0
0
0
0
0
0
0
2
0
1
0
1
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Vmware vcenter server.
- CVE-2025-41250Header injection vulnerability8.5
- CVE-2025-41241Denial-of-service vulnerability4.4
- CVE-2025-41228VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability4.3
- CVE-2025-41225VMware vCenter Server authenticated command-execution vulnerability8.8
- CVE-2024-38813Privilege escalation vulnerabilityKEV7.5
- CVE-2024-38812Heap-overflow vulnerabilityKEV9.8
- CVE-2024-37087The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition.5.3
- CVE-2024-37081The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these is...7.8
- CVE-2024-37080vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending...9.8
- CVE-2024-37079vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending...KEV9.8
- CVE-2024-22275The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary fi...4.9
- CVE-2024-22274The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbi...7.2
- CVE-2023-34056VMware vCenter Server Partial Information Disclosure Vulnerability4.3
- CVE-2023-34048VMware vCenter Server Out-of-Bounds Write VulnerabilityKEV9.8
- CVE-2023-20896The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-b...5.9
Product normalization is registry-driven with AI assist and human review. How it works