cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2025-22215,https://securityvulnerability.io/vulnerability/CVE-2025-22215,Server-Side Request Forgery in VMware Aria Automation,"VMware Aria Automation exposes a server-side request forgery (SSRF) vulnerability that allows a malicious actor with 'Organization Member' access to exploit the system. By leveraging this vulnerability, the actor can enumerate and potentially access sensitive internal services running on the host or network, which could lead to unauthorized data exposure and compromise of the environment. It is crucial for organizations using this product to assess their risk and implement necessary security measures to protect against exploitation.",Vmware,"Vmware Aria Automation,Vmware Cloud Foundation (vmware Aria Automation)",4.3,MEDIUM,0.0004299999854993075,false,false,false,false,false,false,false,2025-01-08T06:43:32.023Z,0
CVE-2024-22280,https://securityvulnerability.io/vulnerability/CVE-2024-22280,VMware Aria Automation Vulnerability,"VMware Aria Automation exhibits a vulnerability due to insufficient input validation, enabling an authenticated user to execute crafted SQL queries. This flaw can lead to unauthorized data manipulation, allowing malicious actors to perform read or write operations directly in the underlying database. It is imperative for users of affected versions to assess their security measures and apply necessary updates or patches to safeguard their environments.",Vmware,Vmware Aria Automation,8.1,HIGH,0.0004600000102072954,false,false,false,false,,false,false,2024-07-11T04:39:09.353Z,0