32 matches found
CVE-2021-22021
VMware vRealize Log Insight 8.x prior to 8.4 contains a Cross Site Scripting XSS vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared...
CVE-2022-31654
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...
CVE-2022-31655
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts...
EUVD-2016-6283
Malware in sbrugna...
EUVD-2018-18724
Malware in sbrugna...
EUVD-2016-3187
Malware in sbrugna...
EUVD-2016-3186
Malware in sbrugna...
EUVD-2022-53088
Malicious code in bioql PyPI...
EUVD-2022-53089
Malicious code in bioql PyPI...
CVE-2020-3954
Open Redirect vulnerability exists in VMware vRealize Log Insight prior to 8.1.0 due to improper Input validation...
VMware vRealize Log Insight RemotePakDownloadCommand Directory Traversal Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware vRealize Log Insight. Authentication is not required to exploit this vulnerability. The specific flaw exists within the RemotePakDownloadCommand function. The issue results from the lack of...
VMware vRealize Log Insight setConfig Missing Authentication for Critical Function Remote Code Execution Vulnerability
This vulnerability allows remote attackers to execute arbitrary code on affected installations of VMware vRealize Log Insight. Authentication is not required to exploit this vulnerability. The specific flaw exists within the setConfig function. The issue results from the lack of authentication...
VMware vRealize Log Insight Detection Consolidation
Consolidation of VMware vRealize Log Insight detections. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only include"pluginfeedinfo.inc"; if...
Information disclosure
VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication...
VMware vRealize Log Insight 8.x < 8.10.2 Mutliple Vulnerabilities (VMSA-2023-0001)
The VMware vRealize Log Insight application running on the remote host is 8.x prior to 8.10.2. It is, therefore, affected by multiple vulnerabilities, including: - An unspecified directory traversal vulnerability. CVE-2022-31706 - An unspecified broken access control vulnerability. CVE-2022-31704...
CVE-2022-31711
VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication...
CVE-2022-31711
VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication...
VMware vRealize Log Insight 8.x < 8.8.2 XSS (VMSA-2022-0019)
The VMware vRealize Log Insight application running on the remote host is 8.0.0 or later but prior to 8.8.2. It is, therefore, affected by multiple XSS vulnerabilities. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. C...
CVE-2022-31654
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...
Cross site scripting
VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...