Lucene search
K

5 matches found

EUVD
EUVD
added 2025/11/27 12:30 p.m.8 views

EUVD-2025-199820

In Apache CloudStack improper control of generation of code 'Code Injection' vulnerability is found in the following APIs which are accessible only to admins. quotaTariffCreate quotaTariffUpdate createSecondaryStorageSelector updateSecondaryStorageSelector updateHost updateStorage This issue...

6.9AI score0.00398EPSS
Exploits0References3
NVD
NVD
added 2025/11/27 12:15 p.m.17 views

CVE-2025-59302

In Apache CloudStack improper control of generation of code 'Code Injection' vulnerability is found in the following APIs which are accessible only to admins. quotaTariffCreate quotaTariffUpdate createSecondaryStorageSelector updateSecondaryStorageSelector updateHost updateStorage This issue...

4.7CVSS0.00398EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/11/27 11:46 a.m.10 views

CVE-2025-59302 Apache CloudStack: Potential remote code execution on Javascript engine defined rules

In Apache CloudStack improper control of generation of code 'Code Injection' vulnerability is found in the following APIs which are accessible only to admins. quotaTariffCreate quotaTariffUpdate createSecondaryStorageSelector updateSecondaryStorageSelector updateHost updateStorage This issue...

0.00398EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/11/27 12:0 a.m.6 views

PT-2025-48264

Name of the Vulnerable Software and Affected Versions Apache CloudStack versions 4.18.0 through 4.20.1 Apache CloudStack versions 4.21.0 through 4.21.9 Description An improper control of code generation 'Code Injection' issue exists in Apache CloudStack, specifically within several APIs accessibl...

4.7CVSS7.3AI score0.00398EPSS
Exploits0References9
CVE
CVE
added 2024/04/04 7:49 a.m.72 views

CVE-2024-29007

The CVE-2024-29007 issue affects Apache CloudStack: when downloading templates or ISOs, the CloudStack management server and the secondary storage VM can follow HTTP 301 redirects to external resources, potentially enabling access to restricted or random resources. Affected components are the Clo...

7.3CVSS7.2AI score0.00785EPSS
Exploits0References1Affected Software1
Rows per page
Query Builder