cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-22222,https://securityvulnerability.io/vulnerability/CVE-2025-22222,Information Disclosure Flaw in VMware Aria Operations,"VMware Aria Operations is susceptible to an information disclosure vulnerability that allows a malicious user with non-administrative access to exploit the flaw. By leveraging this vulnerability, an attacker could potentially retrieve sensitive credentials associated with an outbound plugin if they possess a valid service credential ID. This risk underlines the need for enhanced security measures to protect user credentials and prevent unauthorized access.",Vmware,Vmware Aria Operations,7.7,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T15:32:00.829Z,0
CVE-2025-22221,https://securityvulnerability.io/vulnerability/CVE-2025-22221,Stored Cross-Site Scripting Vulnerability in VMware Aria Operations for Logs,"VMware Aria Operations for Logs is susceptible to a stored cross-site scripting vulnerability that allows an attacker with administrative privileges to inject malicious scripts. When a user performs a delete action in the Agent Configuration, these scripts can potentially execute in the victim's browser. This vulnerability poses a significant risk, as it can lead to unauthorized actions and data exposure within the affected application.",Vmware,Vmware Aria Operations For Logs,5.2,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T15:30:12.218Z,0
CVE-2025-22220,https://securityvulnerability.io/vulnerability/CVE-2025-22220,Privilege Escalation in VMware Aria Operations for Logs,"VMware Aria Operations for Logs comprises a privilege escalation vulnerability that allows a malicious actor with non-administrative access and network connectivity to the Aria Operations for Logs API to execute operations as an admin user. This security flaw can potentially enable attackers to elevate their permissions and compromise sensitive information, creating a significant risk to the integrity of the system.",Vmware,Vmware Aria Operations For Logs,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T15:28:13.266Z,0
CVE-2025-22219,https://securityvulnerability.io/vulnerability/CVE-2025-22219,Stored Cross-Site Scripting Vulnerability in VMware Aria Operations for Logs,"VMware Aria Operations for Logs is susceptible to a stored cross-site scripting flaw that allows an attacker with non-administrative privileges to inject malicious scripts. This vulnerability can lead to unauthorized operations being executed as an admin user, compromising system security and the integrity of sensitive data. It highlights the necessity of rigorous input validation and user privilege management to prevent exploitation.",Vmware,Vmware Aria Operations For Logs,6.8,MEDIUM,0.0004299999854993075,false,,true,false,true,2025-01-30T22:00:10.000Z,false,false,false,,2025-01-30T15:26:16.027Z,0
CVE-2025-22218,https://securityvulnerability.io/vulnerability/CVE-2025-22218,Information Disclosure in VMware Aria Operations for Logs,"VMware Aria Operations for Logs is affected by a vulnerability that allows unauthorized users with View Only Admin permissions to access sensitive credentials of integrated VMware products. This exposure can potentially lead to further exploitation of the system, compromising overall security and integrity.",Vmware,Vmware Aria Operations For Logs,8.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T14:23:01.810Z,0
CVE-2024-38834,https://securityvulnerability.io/vulnerability/CVE-2024-38834,VMware Aria Operations Exposes Cross-Site Scripting Vulnerability,VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to cloud provider might be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.,Vmware,Vmware Aria Operations,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-26T11:56:48.573Z,0
CVE-2024-38833,https://securityvulnerability.io/vulnerability/CVE-2024-38833,VMware Aria Operations Vulnerability: Stored Cross-Site Scripting Flaw,VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.,Vmware,Vmware Aria Operations,6.8,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-26T11:54:54.847Z,0
CVE-2024-38832,https://securityvulnerability.io/vulnerability/CVE-2024-38832,VMware Aria Operations Stored XSS Vulnerability,"VMware Aria Operations is affected by a stored cross-site scripting vulnerability that permits a malicious actor with editing access to views to inject harmful scripts. This flaw can compromise user data and session integrity, posing significant risks to application security. It is advised for users and administrators to review their access controls and apply any necessary patches to mitigate this vulnerability.",Vmware,Vmware Aria Operations,7.1,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-26T11:51:39.551Z,0
CVE-2024-38831,https://securityvulnerability.io/vulnerability/CVE-2024-38831,VMware Aria Operations Local Privilege Escalation Vulnerability,"VMware Aria Operations is exposed to a local privilege escalation vulnerability that allows a malicious actor, who already possesses local administrative privileges, to escalate their privileges to that of a root user. This can be achieved by inserting malicious commands into the properties file on the appliance running VMware Aria Operations. Organizations using this product should review their permissions and implement appropriate security measures to prevent exploitation.",Vmware,Vmware Aria Operations,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-26T11:50:20.202Z,0
CVE-2024-38830,https://securityvulnerability.io/vulnerability/CVE-2024-38830,Local Privilege Escalation Vulnerability Affects VMware Aria Operations,"VMware Aria Operations is susceptible to a local privilege escalation vulnerability that allows a malicious actor with existing local administrative privileges to escalate their access to the root user level on the appliance. This weakness poses a serious risk as it can lead to unauthorized control of the system, enabling the attacker to perform critical actions that can compromise the integrity and confidentiality of the underlying infrastructure. Organizations must assess their deployments and apply the necessary mitigations to protect their systems from potential exploitation.",Vmware,Vmware Aria Operations,7.8,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-11-26T11:49:16.781Z,0
CVE-2024-22235,https://securityvulnerability.io/vulnerability/CVE-2024-22235,Local Privilege Escalation Vulnerability Affects VMware Aria Operations,VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with administrative access to the local system can escalate privileges to 'root'.,VMware,VMware Aria Operations,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2024-02-21T04:59:48.892Z,0
CVE-2023-34052,https://securityvulnerability.io/vulnerability/CVE-2023-34052,Deserialization Vulnerability in VMware Aria Operations for Logs,"VMware Aria Operations for Logs suffers from a deserialization vulnerability that can be exploited by an attacker with non-administrative access. This flaw allows a malicious actor to manipulate the data's deserialization process, potentially leading to authentication bypass, thereby compromising the integrity of user authentication and system security.",Vmware,Vmware Aria Operations For Logs,7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-10-20T05:15:00.000Z,0
CVE-2023-34051,https://securityvulnerability.io/vulnerability/CVE-2023-34051,Authentication Bypass in VMware Aria Operations for Logs,"VMware Aria Operations for Logs is impacted by a vulnerability that allows an unauthenticated attacker to bypass authentication protocols. By exploiting this flaw, a malicious user can inject arbitrary files into the operating system of the affected appliance, leading to potential remote code execution. Organizations using this software should prioritize mitigating this risk to protect their systems from unauthorized access and exploitation.",Vmware,VMware Aria Operations for Logs,9.8,CRITICAL,0.0021800000686198473,false,,false,false,true,2023-10-20T14:59:45.000Z,true,false,false,,2023-10-20T05:15:00.000Z,0
CVE-2023-34043,https://securityvulnerability.io/vulnerability/CVE-2023-34043,Local Privilege Escalation Vulnerability in VMware Aria Operations,"VMware Aria Operations is susceptible to a local privilege escalation vulnerability, enabling an attacker with administrative access to elevate their privileges to 'root'. This flaw can potentially allow malicious actors to gain full control over the system, heightening the security risks for environments using this product. Admins must apply the latest patches and follow recommended security practices to mitigate this issue.",Vmware,Vmware Aria Operations,6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-09-27T15:18:00.000Z,0
CVE-2023-20877,https://securityvulnerability.io/vulnerability/CVE-2023-20877,Privilege Escalation Vulnerability in VMware Aria Operations,"VMware Aria Operations is susceptible to a privilege escalation vulnerability that allows an authenticated user with ReadOnly privileges to execute arbitrary code. This flaw may lead to unauthorized access and manipulation of system settings, thereby compromising the security integrity of the operations environment. It is imperative for users of VMware Aria Operations to apply the necessary patches provided by VMware to mitigate the risks associated with this vulnerability.",Vmware,Vmware Aria Operations (formerly Vrealize Operations),8.8,HIGH,0.0011099999537691474,false,,false,false,false,,,false,false,,2023-05-12T00:00:00.000Z,0
CVE-2023-20879,https://securityvulnerability.io/vulnerability/CVE-2023-20879,Local Privilege Escalation Vulnerability in VMware Aria Operations,"VMware Aria Operations has a vulnerability that allows an attacker with administrative privileges to escalate their access to root level on the underlying operating system. This could potentially lead to unauthorized control over system resources and sensitive data, posing significant risks to system integrity and security.",Vmware,Vmware Aria Operations (formerly Vrealize Operations),6.7,MEDIUM,0.0004199999966658652,false,,false,false,false,,,false,false,,2023-05-12T00:00:00.000Z,0
CVE-2023-20880,https://securityvulnerability.io/vulnerability/CVE-2023-20880,Privilege Escalation Vulnerability in VMware Aria Operations,"VMware Aria Operations is impacted by a vulnerability that allows a malicious actor with administrative access to the localized system to gain elevated privileges to the root account. This flaw raises significant security concerns, as it permits unauthorized escalation of authority, potentially leading to further exploitation of the system.",Vmware,Vmware Aria Operations (formerly Vrealize Operations),6.7,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2023-05-12T00:00:00.000Z,0
CVE-2023-20878,https://securityvulnerability.io/vulnerability/CVE-2023-20878,Deserialization Vulnerability in VMware Aria Operations,"VMware Aria Operations is affected by a deserialization vulnerability that allows an authenticated attacker with administrative privileges to execute arbitrary commands. This exploit can potentially disrupt the normal operation of the system, leading to serious security implications. Users are advised to review the security advisory for necessary updates and mitigation strategies.",Vmware,Vmware Aria Operations (formerly Vrealize Operations),7.2,HIGH,0.0007200000109151006,false,,false,false,false,,,false,false,,2023-05-12T00:00:00.000Z,0
CVE-2023-20864,https://securityvulnerability.io/vulnerability/CVE-2023-20864,Deserialization Vulnerability in VMware Aria Operations for Logs,"VMware Aria Operations for Logs is affected by a deserialization vulnerability that allows unauthenticated attackers with network access to execute arbitrary code with root privileges. This vulnerability poses a significant risk as it can be exploited remotely, enabling malicious actors to gain unauthorized access and potentially compromise system integrity. Organizations utilizing this product should take immediate action to implement patches and ensure their systems are secure against potential exploit attempts.",Vmware,Vmware Aria Operations For Logs (formerly Vrealize Log Insight),9.8,CRITICAL,0.26137998700141907,false,,false,false,false,,,false,false,,2023-04-20T00:00:00.000Z,0
CVE-2023-20865,https://securityvulnerability.io/vulnerability/CVE-2023-20865,Command Injection Vulnerability in VMware Aria Operations for Logs,"A command injection vulnerability has been identified in VMware Aria Operations for Logs. This flaw allows an attacker with administrative access to execute arbitrary commands with root privileges, potentially leading to unauthorized access and control over the affected system. It is essential for organizations using this product to investigate and apply the recommended security patches to mitigate the risks associated with this vulnerability.",Vmware,Vmware Aria Operations For Logs (formerly Vrealize Log Insight),7.2,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2023-04-20T00:00:00.000Z,0
CVE-2022-31682,https://securityvulnerability.io/vulnerability/CVE-2022-31682,Arbitrary File Read Vulnerability in VMware Aria Operations,"VMware Aria Operations contains a vulnerability that allows an attacker with administrative privileges to access arbitrary files. This can lead to the exposure of sensitive data, posing a significant risk to data integrity and confidentiality. Organizations using this product should take immediate action to review their security configurations and apply necessary updates to mitigate the risk of unauthorized access to critical information.",Vmware,Vmware Aria Operations,4.9,MEDIUM,0.000590000010561198,false,,false,false,false,,,false,false,,2022-10-11T00:00:00.000Z,0