VMware has announced several vulnerabilities within vCenter Server that range from medium to high severity. The disclosed vulnerabilities have varying impacts that could allow a malicious threat actor with network access to execute arbitrary code, cause memory corruption, or bypass authentication on vCenter. Specifics of the vulnerabilities can be found here, and below is a brief description of those with high severity:
CVE-2023-20892: VMware vCenter Server heap-overflow vulnerability
CVE-2023-20893: VMware vCenter Server use-after-free vulnerability
CVE-2023-20894: VMware vCenter Server out-of-bounds write vulnerability
CVE-2023-20895: VMware vCenter Server out-of-bounds read vulnerability