Lucene search
K

97 matches found

ATTACKERKB
ATTACKERKB
added 2022/10/28 4:15 p.m.2 views

CVE-2022-37426

Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection...

7.5CVSS7.1AI score0.00504EPSS
Exploits0References2
OSV
OSV
added 2022/10/28 4:15 p.m.1 views

UBUNTU-CVE-2022-37425

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in OpenNebula OpenNebula core on Linux allows Remote Code Inclusion...

9.9CVSS7.4AI score0.01536EPSS
Exploits0References2
OSV
OSV
added 2022/10/28 4:15 p.m.2 views

UBUNTU-CVE-2022-37424

Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery...

6.5CVSS5.8AI score0.00707EPSS
Exploits0References3
OSV
OSV
added 2022/10/28 4:15 p.m.1 views

UBUNTU-CVE-2022-37426

Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection...

7.5CVSS5.8AI score0.00504EPSS
Exploits0References3
CVE
CVE
added 2022/10/28 3:9 p.m.57 views

CVE-2022-37425

CVE-2022-37425 affects OpenNebula core on Linux, due to improper neutralization of special elements used in a command, allowing Remote Code Inclusion. The vulnerability is rated CRITICAL (CVSS v3.1, high impact on C/I/A). A mitigation in the public record is the OpenNebula 6.4.2 LTS maintenance r...

9.9CVSS9.8AI score0.01536EPSS
Exploits0References1Affected Software1
CVE
CVE
added 2022/10/28 3:9 p.m.62 views

CVE-2022-37426

Technical details (affected components, versions, root cause, and fixes) are not publicly provided in the supplied connected documents. Monitor for updates from vendors and security bulletins.

7.5CVSS7.5AI score0.00504EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/28 3:9 p.m.25 views

CVE-2022-37426

Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection...

4.3CVSS7.7AI score0.00504EPSS
Exploits0References1
Cvelist
Cvelist
added 2022/10/28 3:9 p.m.26 views

CVE-2022-37425 The FILES directive inside a VM template allows execution of uploaded files when the template is instantiated, resulting in a Remote Code Execution (RCE) attack.

Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in OpenNebula OpenNebula core on Linux allows Remote Code Inclusion...

9.9CVSS9.9AI score0.01536EPSS
Exploits0References1
CVE
CVE
added 2022/10/28 3:9 p.m.52 views

CVE-2022-37424

CVE-2022-37424 concerns OpenNebula on Linux. The vulnerability arises from the FILES directive, which may allow arbitrary files from the frontend system (including sensitive files) to be included when a VM is started from a template, potentially causing Information Disclosure. Affected details (s...

6.5CVSS6.4AI score0.00707EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2022/10/28 3:9 p.m.19 views

CVE-2022-37424 The FILES Directive allows arbitrary files from the frontend system (including sensitive files) to be included when a VM is started from that template, which may result in Information Disclosure.

Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery...

6.5CVSS6.6AI score0.00707EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/10/28 12:0 a.m.3 views

OpenNebula 命令注入漏洞

OpenNebula is an OpenNebula open source cloud computing platform for managing heterogeneous distributed data center infrastructures. A security vulnerability exists in OpenNebula that stems from improper neutralization of special elements and a command injection vulnerability that allows remote...

9.9CVSS8.7AI score0.01536EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/28 12:0 a.m.3 views

OpenNebula 代码问题漏洞

OpenNebula is an OpenNebula open source cloud computing platform for managing heterogeneous distributed data center infrastructures. A security vulnerability exists in OpenNebula that stems from the presence of an unlimited upload of dangerous types of files vulnerability that allows file content...

7.5CVSS7.3AI score0.00504EPSS
Exploits0References2
CNNVD
CNNVD
added 2022/10/28 12:0 a.m.3 views

OpenNebula 安全漏洞

OpenNebula is OpenNebula open source a cloud computing platform for managing heterogeneous distributed data center infrastructures. A security vulnerability exists in OpenNebula that stems from a file or directory being accessible to an outsider, allowing file discovery...

6.5CVSS6.5AI score0.00707EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2022/08/05 12:0 a.m.4 views

PT-2022-23990 · Unknown · Opennebula

Name of the Vulnerable Software and Affected Versions: OpenNebula affected versions not specified Description: The issue is related to an Improper Neutralization of Special Elements used in a Command 'Command Injection' vulnerability in OpenNebula core on Linux, allowing Remote Code Inclusion...

9.9CVSS9.5AI score0.01536EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/08/05 12:0 a.m.3 views

PT-2022-23991 · Unknown · Opennebula

Name of the Vulnerable Software and Affected Versions: OpenNebula affected versions not specified Description: The issue allows for File Content Injection due to an Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula core on Linux. Recommendations: At the moment, there is ...

7.5CVSS7.5AI score0.00504EPSS
Exploits0References8
Positive Technologies
Positive Technologies
added 2022/08/05 12:0 a.m.4 views

PT-2022-23989 · Unknown · Opennebula

Name of the Vulnerable Software and Affected Versions: OpenNebula affected versions not specified Description: The issue allows files or directories to be accessible to external parties, enabling file discovery. This affects OpenNebula on Linux. Recommendations: At the moment, there is no...

6.5CVSS6.3AI score0.00707EPSS
Exploits0References9
BDU FSTEC
BDU FSTEC
added 2020/08/05 12:0 a.m.3 views

The vulnerability of the virtualization management software for libvirt, related to an error on the opennebula nodes—where calling this function causes an out-of-buffer operation—allows a malicious actor to trigger a service failure.

The vulnerability of the libvirt virtualization management software is related to an error in the opennebula nodes. When this node is called, an out-of-buffer operation error occurs. Exploiting this vulnerability can allow a perpetrator to cause a service failure...

5CVSS5.5AI score
Exploits0References1Affected Software1
Rows per page
Query Builder