Export limit exceeded: 356347 CVEs match your query. Please refine your search to export 10,000 CVEs or fewer.

Search

Use the Query Builder to create your own search query, or check out the documentation to learn the search syntax.

Search Examples

CVEs in KEV CVEs with EPSS >= 80% Crit. Microsoft High Apache SQL Injection (CWE-89) Linux Kernel High (CVSS 3.1) Apache Struts RCE (Remote Code Execution) XSS (CWE-79) Critical (CVSS 4.0) CVEs to check

Search Results (30 CVEs found)

Export CSV
CVE Vendors Products Updated CVSS v3.1
CVE-2026-22721 1 Vmware 4 Aria Operations, Cloud Foundation, Telco Cloud Infrastructure and 1 more 2026-04-17 6.2 Medium
VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' found in  VMSA-2026-0001 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 .
CVE-2026-22719 1 Vmware 4 Aria Operations, Cloud Foundation, Telco Cloud Infrastructure and 1 more 2026-04-15 8.1 High
VMware Aria Operations contains a command injection vulnerability. A malicious unauthenticated actor may exploit this issue to execute arbitrary commands which may lead to remote code execution in VMware Aria Operations while support-assisted product migration is in progress.  To remediate CVE-2026-22719, apply the patches listed in the 'Fixed Version' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001  Workarounds for CVE-2026-22719 are documented in the 'Workarounds' column of the ' Response Matrix https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947 ' in VMSA-2026-0001
CVE-2026-22720 1 Vmware 4 Aria Operations, Cloud Foundation, Telco Cloud Infrastructure and 1 more 2026-04-15 8 High
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with privileges to create custom benchmarks may be able to inject script to perform administrative actions in VMware Aria Operations.  To remediate CVE-2026-22720, apply the patches listed in the 'Fixed Version' column of the 'Response Matrix' of  VMSA-2026-0001 https://support.broadcom.com/web/ecx/support-content-notification/-/external/content/SecurityAdvisories/0/36947https:// .
CVE-2025-41245 1 Vmware 3 Aria Operations, Cloud Foundation, Tools 2026-04-15 4.9 Medium
VMware Aria Operations contains an information disclosure vulnerability. A malicious actor with non-administrative privileges in Aria Operations may exploit this vulnerability to disclose credentials of other users of Aria Operations.
CVE-2025-22220 1 Vmware 2 Aria Operations For Logs, Cloud Foundation 2026-02-26 4.3 Medium
VMware Aria Operations for Logs contains a privilege escalation vulnerability. A malicious actor with non-administrative privileges and network access to Aria Operations for Logs API may be able to perform certain operations in the context of an admin user.
CVE-2025-41244 4 Debian, Linux, Microsoft and 1 more 10 Debian Linux, Linux Kernel, Windows and 7 more 2026-02-26 7.8 High
VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this vulnerability to escalate privileges to root on the same VM.
CVE-2023-20887 1 Vmware 1 Aria Operations For Networks 2025-10-28 9.8 Critical
Aria Operations for Networks contains a command injection vulnerability. A malicious actor with network access to VMware Aria Operations for Networks may be able to perform a command injection attack resulting in remote code execution.
CVE-2024-22241 1 Vmware 1 Aria Operations For Networks 2025-06-03 4.3 Medium
Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges can inject a malicious payload into the login banner and takeover the user account.  
CVE-2024-22238 1 Vmware 1 Aria Operations For Networks 2025-06-03 6.4 Medium
Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization.
CVE-2024-22240 1 Vmware 1 Aria Operations For Networks 2025-05-15 4.9 Medium
Aria Operations for Networks contains a local file read vulnerability. A malicious actor with admin privileges may exploit this vulnerability leading to unauthorized access to sensitive information.
CVE-2024-22239 1 Vmware 1 Aria Operations For Networks 2025-05-15 5.3 Medium
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain regular shell access.
CVE-2024-22237 1 Vmware 1 Aria Operations For Networks 2025-05-15 7.8 High
Aria Operations for Networks contains a local privilege escalation vulnerability. A console user with access to Aria Operations for Networks may exploit this vulnerability to escalate privileges to gain root access to the system.
CVE-2025-22222 1 Vmware 2 Aria Operations, Cloud Foundation 2025-05-14 7.7 High
VMware Aria Operations contains an information disclosure vulnerability. A malicious user with non-administrative privileges may exploit this vulnerability to retrieve credentials for an outbound plugin if a valid service credential ID is known.
CVE-2025-22221 1 Vmware 2 Aria Operations For Logs, Cloud Foundation 2025-05-14 5.2 Medium
VMware Aria Operation for Logs contains a stored cross-site scripting vulnerability. A malicious actor with admin privileges to VMware Aria Operations for Logs may be able to inject a malicious script that could be executed in a victim's browser when performing a delete action in the Agent Configuration.
CVE-2025-22219 1 Vmware 2 Aria Operations For Logs, Cloud Foundation 2025-05-14 6.8 Medium
VMware Aria Operations for Logs contains a stored cross-site scripting vulnerability. A malicious actor with non-administrative privileges may be able to inject a malicious script that (can perform stored cross-site scripting) may lead to arbitrary operations as admin user.
CVE-2025-22218 1 Vmware 2 Aria Operations For Logs, Cloud Foundation 2025-05-14 8.5 High
VMware Aria Operations for Logs contains an information disclosure vulnerability. A malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated with VMware Aria Operations for Logs
CVE-2024-38830 1 Vmware 2 Aria Operations, Cloud Foundation 2025-05-14 7.8 High
VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations.
CVE-2024-38831 1 Vmware 2 Aria Operations, Cloud Foundation 2025-05-14 7.8 High
VMware Aria Operations contains a local privilege escalation vulnerability.  A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to  a root user on the appliance running VMware Aria Operations.
CVE-2024-38832 1 Vmware 2 Aria Operations, Cloud Foundation 2025-05-14 7.1 High
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to views may be able to inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.
CVE-2024-38833 1 Vmware 2 Aria Operations, Cloud Foundation 2025-05-14 6.8 Medium
VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations.