Vmware aria operations for logs

This hub aggregates every CVE we track for Vmware aria operations for logs, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.

Severity distribution

Monthly trend

The 15 most recently published vulnerabilities affecting Vmware aria operations for logs.

• CVE-2025-22221VMware Aria Operations for Logs stored cross-site scripting vulnerability (CVE-2025-22221)5.2Jan 30, 2025
• CVE-2025-22220VMware Aria Operations for Logs broken access control vulnerability (CVE-2025-22220)4.3Jan 30, 2025
• CVE-2025-22219VMware Aria Operations for Logs stored cross-site scripting vulnerability (CVE-2025-22219)6.8Jan 30, 2025
• CVE-2025-22218VMware Aria Operations for Logs information disclosure vulnerability8.5Jan 30, 2025
• CVE-2023-34051VMware Aria Operations for Logs contains an authentication bypass vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can r...9.8Oct 20, 2023
• CVE-2023-34052VMware Aria Operations for Logs contains a deserialization vulnerability. A malicious actor with non-administrative access to the local system can trigger the deserialization of data which could r...7.8Oct 20, 2023
• CVE-2023-20865VMware Aria Operations for Logs contains a command injection vulnerability. A malicious actor with administrative privileges in VMware Aria Operations for Logs can execute arbitrary commands as root.7.2Apr 20, 2023
• CVE-2023-20864VMware Aria Operations for Logs contains a deserialization vulnerability. An unauthenticated, malicious actor with network access to VMware Aria Operations for Logs may be able to execute arbitrary...9.8Apr 20, 2023
• CVE-2022-31711VMware vRealize Log Insight contains an Information Disclosure Vulnerability. A malicious actor can remotely collect sensitive session and application information without authentication.5.3Jan 25, 2023
• CVE-2022-31710vRealize Log Insight contains a deserialization vulnerability. An unauthenticated malicious actor can remotely trigger the deserialization of untrusted data which could result in a denial of service.7.5Jan 25, 2023
• CVE-2022-31706The vRealize Log Insight contains a Directory Traversal Vulnerability. An unauthenticated, malicious actor can inject files into the operating system of an impacted appliance which can result in re...9.8Jan 25, 2023
• CVE-2022-31704The vRealize Log Insight contains a broken access control vulnerability. An unauthenticated malicious actor can remotely inject code into sensitive files of an impacted appliance which can result i...9.8Jan 25, 2023
• CVE-2022-31655VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in alerts.5.4Jul 12, 2022
• CVE-2022-31654VMware vRealize Log Insight in versions prior to 8.8.2 contain a stored cross-site scripting vulnerability due to improper input sanitization in configurations.5.4Jul 12, 2022
• CVE-2021-22035VMware vRealize Log Insight (8.x prior to 8.6) contains a CSV(Comma Separated Value) injection vulnerability in interactive analytics export function. An authenticated malicious actor with non-admi...4.3Oct 13, 2021