CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

150 matches found

RedhatCVE•added 2026/01/09 11:19 a.m.•4 views

CVE-2021-22036

VMware vRealize Orchestrator 8.x prior to 8.6 contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect victim to an attacker controlled domain due to improper path handling in vRealize Orchestrator leading to sensitive information disclosure...

6.5CVSS6.3AI score0.00582EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 11:19 a.m.•4 views

CVE-2021-22021

VMware vRealize Log Insight 8.x prior to 8.4 contains a Cross Site Scripting XSS vulnerability due to improper user input validation. An attacker with user privileges may be able to inject a malicious payload via the Log Insight UI which would be executed when the victim accesses the shared...

5.4CVSS5.8AI score0.00242EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:47 a.m.•6 views

CVE-2022-31654

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations...

5.4CVSS5.9AI score0.01264EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:47 a.m.•6 views

CVE-2022-31672

VMware vRealize Operations contains a privilege escalation vulnerability. A malicious actor with administrative network access can escalate privileges to root...

7.2CVSS7.3AI score0.01047EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:47 a.m.•4 views

CVE-2022-31708

vRealize Operations vROps contains a broken access control vulnerability. VMware has evaluated the severity of this issue to be in the Moderate severity range with a maximum CVSSv3 base score of 4.4...

4.9CVSS6.9AI score0.00479EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:46 a.m.•6 views

CVE-2022-31655

VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts...

5.4CVSS5.9AI score0.01264EPSS

Exploits0References1

RedhatCVE•added 2026/01/09 10:46 a.m.•4 views

CVE-2022-31675

VMware vRealize Operations contains an authentication bypass vulnerability. An unauthenticated malicious actor with network access may be able to create a user with administrative privileges...

7.5CVSS7.2AI score0.00291EPSS

Exploits1References1