CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

142 matches found

AstraLinux•added 2026/05/20 5:53 a.m.•5 views

Astra Linux - уязвимость в open-vm-tools

VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability. A malicious local actor with non-administrative privileges, who has access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled, may exploit this vulnerability to escalate...

7.8CVSS7.5AI score0.00529EPSS

Exploits3References2

ATTACKERKB•added 2026/02/25 8:0 p.m.•3 views

CVE-2026-22721

VMware Aria Operations contains a privilege escalation vulnerability. A malicious actor with privileges in vCenter to access Aria Operations may leverage this vulnerability to obtain administrative access in VMware Aria Operations. To remediate CVE-2026-22721, apply the patches listed in the 'Fix...

7.2CVSS5.4AI score0.00031EPSS

Exploits0References3Affected Software4

CISA KEV Catalog•added 2025/10/30 12:0 a.m.•14 views

Broadcom VMware Aria Operations and VMware Tools Privilege Defined with Unsafe Actions Vulnerability

Broadcom VMware Aria Operations and VMware Tools contain a privilege defined with unsafe actions vulnerability. A malicious local actor with non-administrative privileges having access to a VM with VMware Tools installed and managed by Aria Operations with SDMP enabled may exploit this...

7.8CVSS6.9AI score0.00529EPSS

In wildExploits3

Tenable Nessus•added 2025/10/28 12:0 a.m.•3 views

Unity Linux 20.1050a / 20.1060a / 20.1070a Security Update: open-vm-tools (UTSA-2025-988601)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2025-988601 advisory. VMware Aria Operations and VMware Tools contain a local privilege escalation vulnerability.A malicious local actor with non-administrative privileges having access t...

7.8CVSS7.9AI score0.00529EPSS

Exploits3References4

Tenable Nessus•added 2025/10/22 12:0 a.m.•5 views

TencentOS Server 4: open-vm-tools (TSSA-2025:0776)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0776 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

7.8CVSS7.9AI score0.00529EPSS

Exploits3References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-19810

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00074EPSS

Exploits0References2

EUVD•added 2025/10/03 8:7 p.m.•2 views

EUVD-2024-19808

Malicious code in bioql PyPI...

7.8CVSS7.6AI score0.00128EPSS

Exploits0References2

Tenable Nessus•added 2025/10/02 12:0 a.m.•5 views

VMware Aria Operations 8.x < 8.18.5 Multiple Vulnerabilities (VMSA-2025-0015)

The version of VMware Aria Operations formerly vRealize Operations running on the remote host is 8.x prior to 8.18.5. It is, therefore, affected by multiple vulnerabilities as disclosed in the VMSA-2025-0015 advisory: - VMware Aria Operations and VMware Tools contain a local privilege escalation...

7.8CVSS8AI score0.00529EPSS

Exploits3References3

CNVD•added 2025/10/01 12:0 a.m.•11 views

VMware Tools and VMware Aria Operations Elevation of Privilege Vulnerability

VMware Tools and VMware Aria Operations are both products of VMware, Inc. VMware Tools is an enhancement tool that comes with VMWare virtual machines and is a driver provided by VMware to enhance the performance of virtual graphics cards and hard drives, as well as to synchronize the clocks of th...

7.8CVSS7.1AI score0.00529EPSS

Exploits3References1

GithubExploit•added 2025/09/30 11:40 a.m.•327 views

Exploit for CVE-2025-41244

CVE-2025-41244 VMware Aria Operations and VMware Tools contai...

7.8CVSS7.3AI score0.00529EPSS

Exploits3

The Hacker News•added 2025/09/30 10:57 a.m.•10 views

Urgent: China-Linked Hackers Exploit New VMware Zero-Day Since October 2024

A newly patched security flaw impacting Broadcom VMware Tools and VMware Aria Operations has been exploited in the wild as a zero-day since mid-October 2024 by a threat actor called UNC5174, according to NVISO Labs. The vulnerability in question is CVE-2025-41244 CVSS score: 7.8, a local privileg...

7.8CVSS7.7AI score0.00529EPSS

Exploits3

RedhatCVE•added 2025/05/23 9:35 a.m.•8 views

CVE-2024-22238

Aria Operations for Networks contains a cross site scripting vulnerability. A malicious actor with admin privileges may be able to inject malicious code into user profile configurations due to improper input sanitization...

6.4CVSS6.3AI score0.01943EPSS

Exploits0References1

RedhatCVE•added 2025/05/23 9:34 a.m.•5 views

CVE-2024-22240

Aria Operations for Networks contains a local file read vulnerability. A malicious actor with admin privileges may exploit this vulnerability leading to unauthorized access to sensitive information...

4.9CVSS6.5AI score0.00636EPSS

Exploits0References1

Cvelist•added 2025/01/30 3:28 p.m.•15 views

CVE-2025-22220 VMware Aria Operations for Logs broken access control vulnerability (CVE-2025-22220)

VMware Aria Operations for Logs contains a privilege escalation vulnerability. A malicious actor with non-administrative privileges and network access to Aria Operations for Logs API may be able to perform certain operations in the context of an admin user...

4.3CVSS0.00152EPSS

Exploits0References1

OSV•added 2025/01/30 3:15 p.m.•1 views

CVE-2025-22218

VMware Aria Operations for Logs contains an information disclosure vulnerability. A malicious actor with View Only Admin permissions may be able to read the credentials of a VMware product integrated with VMware Aria Operations for Logs...

7.7CVSS5.8AI score

Exploits0References1

Vulnrichment•added 2025/01/30 2:23 p.m.•8 views

CVE-2025-22218 VMware Aria Operations for Logs information disclosure vulnerability

8.5CVSS8AI score0.00506EPSS

Exploits0References1

Positive Technologies•added 2025/01/30 12:0 a.m.•2 views

PT-2025-4396 · Vmware · Vmware Aria Operations For Logs

Name of the Vulnerable Software and Affected Versions: VMware Aria Operations for Logs affected versions not specified Description: The issue is related to insecure privilege management in VMware Aria Operations for Logs, allowing a malicious actor with non-administrative privileges and network...

5.4CVSS9AI score0.00152EPSS

Exploits0References10

NVD•added 2024/11/26 12:15 p.m.•14 views

CVE-2024-38830

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges may trigger this vulnerability to escalate privileges to root user on the appliance running VMware Aria Operations...

7.8CVSS0.00076EPSS

Exploits0References1

NVD•added 2024/11/26 12:15 p.m.•14 views

CVE-2024-38831

VMware Aria Operations contains a local privilege escalation vulnerability. A malicious actor with local administrative privileges can insert malicious commands into the properties file to escalate privileges to a root user on the appliance running VMware Aria Operations...

7.8CVSS0.00158EPSS

Exploits0References1

NVD•added 2024/11/26 12:15 p.m.•13 views

CVE-2024-38833

VMware Aria Operations contains a stored cross-site scripting vulnerability. A malicious actor with editing access to email templates might inject malicious script leading to stored cross-site scripting in the product VMware Aria Operations...

6.8CVSS0.00306EPSS

Exploits0References1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by