EUVD-2019-4087

Malware in sbrugna...

MAL-2025-22973 Malicious code in idig-onapp (npm)

The package idig-onapp was found to contain malicious code...

Malicious code in idig-onapp (npm)

The package idig-onapp was found to contain malicious code...

CVE-2019-12491

OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to run arbitrary commands with root privileges on servers managed by OnApp for XEN/KVM hypervisors. To exploit the vulnerability an attacker has to have control of a single server on a given cloud e.g. by renting one. From the sour...

CVE-2019-12491

OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to run arbitrary commands with root privileges on servers managed by OnApp for XEN/KVM hypervisors. To exploit the vulnerability an attacker has to have control of a single server on a given cloud e.g. by renting one. From the sour...

Command injection

OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to run arbitrary commands with root privileges on servers managed by OnApp for XEN/KVM hypervisors. To exploit the vulnerability an attacker has to have control of a single server on a given cloud e.g. by renting one. From the sour...

CVE-2019-12491

OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196 allows an attacker to run arbitrary commands with root privileges on servers managed by OnApp for XEN/KVM hypervisors. To exploit the vulnerability an attacker has to have control of a single server on a given cloud e.g. by renting one. From the sour...

CVE-2019-12491

CVE-2019-12491 affects OnApp before 5.0.0-88, 5.5.0-93, and 6.0.0-196, allowing an attacker who controls a single server in a cloud to craft and trigger commands that execute with root privileges on a target server managed by OnApp for XEN/KVM hypervisors. The issue enables remote command executi...

OnApp CVE-2019-12491 Command Execution Vulnerability

Description OnApp is prone to a remote command-execution vulnerability. Successfully exploiting this issue may allow an attacker to execute arbitrary commands with root privileges in the context of the affected server. OnApp versions 5.0 prior to 5.0.0-88, 5.1 through 5.4, 5.5 prior to 5.5.0-93,...

CDNsun and OnApp Remote Denial of Service Vulnerabilities

CDNsun is a suite of solutions providing global video streaming and content delivery services from CDNsun, Czech Republic.OnApp is a suite of cloud management solutions for hosters from OnApp, UK. A remote denial of service vulnerability exists in CDNsun and OnApp, which could be exploited by an...

OnApp SSH keys cloning

ECDSA host keys are not regenerated after system image cloning...

SSH key cloning problem in OnApp templates

OnApp sells a "complete IaaS platform" for hosting providers to offer virtual servers. Their platform ships with templates disk images for many different operating systems, which it automatically customizes passwords, network settings, etc. when a new virtual server is deployed. During each...