98 matches found
CVE-2025-54955
CVE-2025-54955 affects OpenNebula Community Edition (CE) < 7.0.0 and Enterprise Edition (EE)
CVE-2025-54955
OpenNebula Community Edition CE before 7.0.0 and Enterprise Edition EE before 6.10.3 have a critical FireEdge race condition that can lead to full account takeover. By exploiting this, an unauthenticated attacker can obtain a valid JSON Web Token JWT belonging to a legitimate user without knowled...
CVE-2022-37426
Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection...
OpenNebula-Account-Takeover
🛡️ Account Takeover via Race Condition in Login...
CVE-2022-37425
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in OpenNebula OpenNebula core on Linux allows Remote Code Inclusion...
CVE-2022-37426
Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection...
CVE-2022-37426
Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection...
CVE-2022-37425
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in OpenNebula OpenNebula core on Linux allows Remote Code Inclusion...
CVE-2022-37424
Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery...
CVE-2022-37424
Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery...
CVE-2022-37426
Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection...
Command injection
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in OpenNebula OpenNebula core on Linux allows Remote Code Inclusion...
CVE-2022-37426
Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection...
CVE-2022-37424
Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery...
CVE-2022-37425
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in OpenNebula OpenNebula core on Linux allows Remote Code Inclusion...
Unrestricted file upload
Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection...
CVE-2022-37424
Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery...
CVE-2022-37425
Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in OpenNebula OpenNebula core on Linux allows Remote Code Inclusion...
CVE-2022-37426
Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection...
CVE-2022-37424
Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery...