Vcenter server
This hub aggregates every CVE we track for Vcenter server, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.
81
CVEs tracked
15
Critical
33
High
11
In CISA KEV
Severity distribution
HIGH33MEDIUM32CRITICAL15LOW1
Monthly trend
0
0
2
0
0
0
0
0
0
0
2
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-072026-06
Latest CVEs
The 15 most recently published vulnerabilities affecting Vcenter server.
- CVE-2025-41228VMware ESXi and vCenter Server Reflected Cross Site Scripting (XSS) Vulnerability4.3
- CVE-2025-41225VMware vCenter Server authenticated command-execution vulnerability8.8
- CVE-2024-38813Privilege escalation vulnerabilityKEV7.5
- CVE-2024-38812Heap-overflow vulnerabilityKEV9.8
- CVE-2024-37087The vCenter Server contains a denial-of-service vulnerability. A malicious actor with network access to vCenter Server may create a denial-of-service condition.5.3
- CVE-2024-37081The vCenter Server contains multiple local privilege escalation vulnerabilities due to misconfiguration of sudo. An authenticated local user with non-administrative privileges may exploit these is...7.8
- CVE-2024-37080vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending...9.8
- CVE-2024-37079vCenter Server contains a heap-overflow vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger this vulnerability by sending...KEV9.8
- CVE-2024-22275The vCenter Server contains a partial file read vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to partially read arbitrary fi...4.9
- CVE-2024-22274The vCenter Server contains an authenticated remote code execution vulnerability. A malicious actor with administrative privileges on the vCenter appliance shell may exploit this issue to run arbi...7.2
- CVE-2023-34056VMware vCenter Server Partial Information Disclosure Vulnerability4.3
- CVE-2023-34048VMware vCenter Server Out-of-Bounds Write VulnerabilityKEV9.8
- CVE-2023-20896The VMware vCenter Server contains an out-of-bounds read vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-b...5.9
- CVE-2023-20895The VMware vCenter Server contains a memory corruption vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger a memory corr...8.1
- CVE-2023-20894The VMware vCenter Server contains an out-of-bounds write vulnerability in the implementation of the DCERPC protocol. A malicious actor with network access to vCenter Server may trigger an out-of-...8.1
Product normalization is registry-driven with AI assist and human review. How it works