13 matches found
EUVD-2025-18062
Malicious code in bioql PyPI...
CVE-2025-22829
The CloudStack Quota plugin has an improper privilege management logic in version 4.20.0.0. Anyone with authenticated user-account access in CloudStack 4.20.0.0 environments, where this plugin is enabled and have access to specific APIs can enable or disable reception of quota-related emails for...
CVE-2025-22829
The CloudStack Quota plugin has an improper privilege management logic in version 4.20.0.0. Anyone with authenticated user-account access in CloudStack 4.20.0.0 environments, where this plugin is enabled and have access to specific APIs can enable or disable reception of quota-related emails for...
CVE-2025-22829
The CloudStack Quota plugin has an improper privilege management logic in version 4.20.0.0. Anyone with authenticated user-account access in CloudStack 4.20.0.0 environments, where this plugin is enabled and have access to specific APIs can enable or disable reception of quota-related emails for...
CVE-2025-22829 Apache CloudStack: Unauthorised access to dedicated resources in Quota plugin
The CloudStack Quota plugin has an improper privilege management logic in version 4.20.0.0. Anyone with authenticated user-account access in CloudStack 4.20.0.0 environments, where this plugin is enabled and have access to specific APIs can enable or disable reception of quota-related emails for...
CVE-2025-22829 Apache CloudStack: Unauthorised access to dedicated resources in Quota plugin
The CloudStack Quota plugin has an improper privilege management logic in version 4.20.0.0. Anyone with authenticated user-account access in CloudStack 4.20.0.0 environments, where this plugin is enabled and have access to specific APIs can enable or disable reception of quota-related emails for...
CVE-2025-22829
Affected software: Apache CloudStack with the Quota plugin (version 4.20.0.0). Issue: Improper privilege management logic lets an authenticated user with access to specific APIs enable/disable quota‑related emails and list quota configurations for any account in environments where the plugin is e...
PT-2025-25166 · Unknown · Cloudstack
Name of the Vulnerable Software and Affected Versions: CloudStack version 4.20.0.0 Description: The CloudStack Quota plugin has an improper privilege management logic. Anyone with authenticated user-account access in CloudStack environments where this plugin is enabled can enable or disable...
CVE-2024-13880 My Quota <= 1.0.8 - Reflected XSS
The My Quota WordPress plugin through 1.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-13880 My Quota <= 1.0.8 - Reflected XSS
The My Quota WordPress plugin through 1.0.8 does not sanitise and escape a parameter before outputting it back in the page, leading to a Reflected Cross-Site Scripting which could be used against high privilege users such as admin...
CVE-2024-45461 Apache CloudStack Quota plugin: Access checks not enforced in Quota
The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit system for cloud resources, and is disabled by default. In environments where the feature is enabled, due to missing access check enforcements, non-administrative CloudStack user accounts are able to acce...
CVE-2024-45461 Apache CloudStack Quota plugin: Access checks not enforced in Quota
The CloudStack Quota feature allows cloud administrators to implement a quota or usage limit system for cloud resources, and is disabled by default. In environments where the feature is enabled, due to missing access check enforcements, non-administrative CloudStack user accounts are able to acce...
PT-2024-31652 · Apache · Apache Cloudstack
Name of the Vulnerable Software and Affected Versions: Apache CloudStack versions 4.7.0 through 4.18.2.3 Apache CloudStack versions 4.19.0.0 through 4.19.1.1 Description: The CloudStack Quota feature, which is disabled by default, allows cloud administrators to implement a quota or usage limit...