Vmware aria automation orchestrator
This hub aggregates every CVE we track for Vmware aria automation orchestrator, a product in the cloud saas space. Use it to gauge the current risk picture and drill into individual advisories.
6
CVEs tracked
0
Critical
3
High
0
In CISA KEV
Severity distribution
HIGH3MEDIUM3
Monthly trend
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
2024-082026-07
Latest CVEs
The 6 most recently published vulnerabilities affecting Vmware aria automation orchestrator.
- CVE-2023-20855VMware vRealize Orchestrator contains an XML External Entity (XXE) vulnerability. A malicious actor, with non-administrative access to vRealize Orchestrator, may be able to use specially crafted in...8.8
- CVE-2021-22036VMware vRealize Orchestrator ((8.x prior to 8.6) contains an open redirect vulnerability due to improper path handling. A malicious actor may be able to redirect victim to an attacker controlled do...6.5
- CVE-2019-11478SACK can cause extensive memory use via fragmented resend queue5.3
- CVE-2019-11477Integer overflow in TCP_SKB_CB(skb)->tcp_gso_segs7.5
- CVE-2014-0112ParametersInterceptor in Apache Struts before 2.3.20 does not properly restrict access to the getClass method, which allows remote attackers to "manipulate" the ClassLoader and execute arbitrary co...7.5
- CVE-2014-0094The ParametersInterceptor in Apache Struts before 2.3.16.2 allows remote attackers to "manipulate" the ClassLoader via the class parameter, which is passed to the getClass method.5.0
Product normalization is registry-driven with AI assist and human review. How it works