CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

130 matches found

VMware vRealize Log Insight - Path Traversal

he vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution. id: CVE-2022-31706 info: name: VMware vRealize Log Insight - Path Traversal...

9.8CVSS7.8AI score0.9018EPSS

Exploits4References3

Nuclei•added 11 hours ago•10 views

VMware vRealize Log Insight - Improper Access Control to RCE

The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result in remote code execution. id: CVE-2022-31704 info: name: VMware vRealize Log Insight - Improper Acces...

9.8CVSS7.8AI score0.89845EPSS

Exploits4References3

Nuclei•added 6 days ago•11 views

VMware vRealize Log Insight < v8.10.2 - Information Disclosure

VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication. id: CVE-2022-31711 info: name: VMware vRealize Log Insight v8.10.2 - Information Disclosure author: DhiyaneshD...

5.3CVSS7AI score0.82409EPSS

Exploits4References2

RedhatCVE•added 2026/01/09 11:20 a.m.•1 views

CVE-2021-22035

VMware vRealize Log Insight 8.x prior to 8.6 contains a CSVComma Separated Value injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-administrative privileges may be able to embed untrusted data prior to exporting a CSV sheet through Log...

4.3CVSS7.1AI score0.00267EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:19 a.m.•4 views

CVE-2021-22021

VMware vRealize Log Insight 8.x prior to 8.4 contains a Cross Site Scripting XSS vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared...

5.4CVSS5.8AI score0.00242EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:48 a.m.•11 views

CVE-2022-31704

9.8CVSS7.6AI score0.89845EPSS

Exploits4References1

RedhatCVE•added 2026/01/09 10:47 a.m.•6 views

CVE-2022-31654

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...

5.4CVSS5.9AI score0.01264EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:46 a.m.•6 views

CVE-2022-31655

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts...

5.4CVSS5.9AI score0.01264EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:46 a.m.•5 views

CVE-2022-31703

The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in remote code execution...

7.5CVSS7.5AI score0.01601EPSS

Exploits0References1