cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2025-22221,https://securityvulnerability.io/vulnerability/CVE-2025-22221,Stored Cross-Site Scripting Vulnerability in VMware Aria Operations for Logs,"VMware Aria Operations for Logs is susceptible to a stored cross-site scripting vulnerability that allows an attacker with administrative privileges to inject malicious scripts. When a user performs a delete action in the Agent Configuration, these scripts can potentially execute in the victim's browser. This vulnerability poses a significant risk, as it can lead to unauthorized actions and data exposure within the affected application.",Vmware,Vmware Aria Operations For Logs,5.2,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T15:30:12.218Z,0
CVE-2025-22220,https://securityvulnerability.io/vulnerability/CVE-2025-22220,Privilege Escalation in VMware Aria Operations for Logs,"VMware Aria Operations for Logs comprises a privilege escalation vulnerability that allows a malicious actor with non-administrative access and network connectivity to the Aria Operations for Logs API to execute operations as an admin user. This security flaw can potentially enable attackers to elevate their permissions and compromise sensitive information, creating a significant risk to the integrity of the system.",Vmware,Vmware Aria Operations For Logs,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T15:28:13.266Z,0
CVE-2025-22219,https://securityvulnerability.io/vulnerability/CVE-2025-22219,Stored Cross-Site Scripting Vulnerability in VMware Aria Operations for Logs,"VMware Aria Operations for Logs is susceptible to a stored cross-site scripting flaw that allows an attacker with non-administrative privileges to inject malicious scripts. This vulnerability can lead to unauthorized operations being executed as an admin user, compromising system security and the integrity of sensitive data. It highlights the necessity of rigorous input validation and user privilege management to prevent exploitation.",Vmware,Vmware Aria Operations For Logs,6.8,MEDIUM,0.0004299999854993075,false,,true,false,true,2025-01-30T22:00:10.000Z,false,false,false,,2025-01-30T15:26:16.027Z,0
CVE-2025-22218,https://securityvulnerability.io/vulnerability/CVE-2025-22218,Information Disclosure in VMware Aria Operations for Logs,"VMware Aria Operations for Logs is affected by a vulnerability that allows unauthorized users with View Only Admin permissions to access sensitive credentials of integrated VMware products. This exposure can potentially lead to further exploitation of the system, compromising overall security and integrity.",Vmware,Vmware Aria Operations For Logs,8.5,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-30T14:23:01.810Z,0
CVE-2023-34052,https://securityvulnerability.io/vulnerability/CVE-2023-34052,Deserialization Vulnerability in VMware Aria Operations for Logs,"VMware Aria Operations for Logs suffers from a deserialization vulnerability that can be exploited by an attacker with non-administrative access. This flaw allows a malicious actor to manipulate the data's deserialization process, potentially leading to authentication bypass, thereby compromising the integrity of user authentication and system security.",Vmware,Vmware Aria Operations For Logs,7.8,HIGH,0.00044999999227002263,false,,false,false,false,,,false,false,,2023-10-20T05:15:00.000Z,0
CVE-2023-34051,https://securityvulnerability.io/vulnerability/CVE-2023-34051,Authentication Bypass in VMware Aria Operations for Logs,"VMware Aria Operations for Logs is impacted by a vulnerability that allows an unauthenticated attacker to bypass authentication protocols. By exploiting this flaw, a malicious user can inject arbitrary files into the operating system of the affected appliance, leading to potential remote code execution. Organizations using this software should prioritize mitigating this risk to protect their systems from unauthorized access and exploitation.",Vmware,VMware Aria Operations for Logs,9.8,CRITICAL,0.0021800000686198473,false,,false,false,true,2023-10-20T14:59:45.000Z,true,false,false,,2023-10-20T05:15:00.000Z,0
CVE-2023-20865,https://securityvulnerability.io/vulnerability/CVE-2023-20865,Command Injection Vulnerability in VMware Aria Operations for Logs,"A command injection vulnerability has been identified in VMware Aria Operations for Logs. This flaw allows an attacker with administrative access to execute arbitrary commands with root privileges, potentially leading to unauthorized access and control over the affected system. It is essential for organizations using this product to investigate and apply the recommended security patches to mitigate the risks associated with this vulnerability.",Vmware,Vmware Aria Operations For Logs (formerly Vrealize Log Insight),7.2,HIGH,0.000910000002477318,false,,false,false,false,,,false,false,,2023-04-20T00:00:00.000Z,0
CVE-2023-20864,https://securityvulnerability.io/vulnerability/CVE-2023-20864,Deserialization Vulnerability in VMware Aria Operations for Logs,"VMware Aria Operations for Logs is affected by a deserialization vulnerability that allows unauthenticated attackers with network access to execute arbitrary code with root privileges. This vulnerability poses a significant risk as it can be exploited remotely, enabling malicious actors to gain unauthorized access and potentially compromise system integrity. Organizations utilizing this product should take immediate action to implement patches and ensure their systems are secure against potential exploit attempts.",Vmware,Vmware Aria Operations For Logs (formerly Vrealize Log Insight),9.8,CRITICAL,0.26137998700141907,false,,false,false,false,,,false,false,,2023-04-20T00:00:00.000Z,0