EUVD-2020-27099

Malware in sbrugna...

CVE-2025-30675

CVE-2025-30675 in Apache CloudStack affects the listTemplates and listIsos APIs due to a flawed access-control check when domainid is specified with filters self or selfexecutable. The issue allows a Domain Admin or Resource Admin to enumerate templates/ISOs in unrelated domains, breaching isolat...

CVE-2025-30675 Apache CloudStack: Unauthorised template/ISO list access to the domain/resource admins

In Apache CloudStack, a flaw in access control affects the listTemplates and listIsos APIs. A malicious Domain Admin or Resource Admin can exploit this issue by intentionally specifying the 'domainid' parameter along with the 'filter=self' or 'filter=selfexecutable' values. This allows the attack...

CVE-2020-5945

In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, undisclosed TMUI page contains a stored cross site scripting vulnerability XSS. The issue allows a minor privilege escalation for resource admin to escalate to full admin...

K82518062: BIG-IP SCP vulnerability CVE-2020-5906

Security Advisory Description The BIG-IP system does not properly enforce the access controls for the scp.blacklist files. This allows Admin and Resource Admin users with Secure Copy SCP protocol access to read and overwrite blacklisted files via SCP. CVE-2020-5906 Note : F5 is working to elimina...

K21540525: F5 TMUI XSS vulnerability CVE-2020-5945

Security Advisory Description Undisclosed TMUI page contains a stored cross site scripting vulnerability XSS. The issue allows a minor privilege escalation for resource admin to escalate to full admin. CVE-2020-5945 Impact A malicious, authenticated user with Resource Administrator privileges may...

CVE-2020-5945

In BIG-IP versions 16.0.0-16.0.0.1, 15.1.0-15.1.0.5, and 14.1.0-14.1.2.7, undisclosed TMUI page contains a stored cross site scripting vulnerability XSS. The issue allows a minor privilege escalation for resource admin to escalate to full admin...