212 matches found
EUVD-2013-2697
Malware in sbrugna...
EUVD-2024-41554
Malicious code in bioql PyPI...
EUVD-2024-41373
Malicious code in bioql PyPI...
EUVD-2025-18066
Malicious code in bioql PyPI...
EUVD-2025-18067
Malicious code in bioql PyPI...
EUVD-2025-18065
Malicious code in bioql PyPI...
EUVD-2025-18064
Malicious code in bioql PyPI...
EUVD-2022-31329
Malicious code in bioql PyPI...
EUVD-2024-39461
Malicious code in bioql PyPI...
Apache CloudStack Information Disclosure Vulnerability (CNVD-2025-15706)
Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. Apache CloudStack suffers from an information disclosure vulnerabilit...
Apache CloudStack elevation of privilege vulnerability (CNVD-2025-20874)
Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. Apache CloudStack has a security vulnerability that can be exploited ...
Apache CloudStack Authorization Issues Vulnerability
Apache CloudStack is a suite of Infrastructure as a Service IaaS cloud computing platforms from the Apache Foundation in the United States. The platform is primarily used to deploy and manage large networks of virtual machines. An authorization issue vulnerability exists in Apache CloudStack...
CVE-2025-47713
A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can reset the password of user-accounts of Admin role type. This operation is not appropriately restricted and allows the attacker to assume...
CVE-2025-30675
In Apache CloudStack, a flaw in access control affects the listTemplates and listIsos APIs. A malicious Domain Admin or Resource Admin can exploit this issue by intentionally specifying the 'domainid' parameter along with the 'filter=self' or 'filter=selfexecutable' values. This allows the attack...
CVE-2025-47849
A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can get the API key and secret key of user-accounts of Admin role type in the same domain. This operation is not appropriately restricted and...
CVE-2025-26521
When an Apache CloudStack user-account creates a CKS-based Kubernetes cluster in a project, the API key and the secret key of the 'kubeadmin' user of the caller account are used to create the secret config in the CKS-based Kubernetes cluster. A member of the project who can access the CKS-based...
CVE-2025-30675
In Apache CloudStack, a flaw in access control affects the listTemplates and listIsos APIs. A malicious Domain Admin or Resource Admin can exploit this issue by intentionally specifying the 'domainid' parameter along with the 'filter=self' or 'filter=selfexecutable' values. This allows the attack...
CVE-2025-30675
In Apache CloudStack, a flaw in access control affects the listTemplates and listIsos APIs. A malicious Domain Admin or Resource Admin can exploit this issue by intentionally specifying the 'domainid' parameter along with the 'filter=self' or 'filter=selfexecutable' values. This allows the attack...
CVE-2025-47849
A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can get the API key and secret key of user-accounts of Admin role type in the same domain. This operation is not appropriately restricted and...
CVE-2025-47713
A privilege escalation vulnerability exists in Apache CloudStack versions 4.10.0.0 through 4.20.0.0 where a malicious Domain Admin user in the ROOT domain can reset the password of user-accounts of Admin role type. This operation is not appropriately restricted and allows the attacker to assume...