Total
7 CVE
| CVE | Vendors | Products | Updated | CVSS v2 | CVSS v3 |
|---|---|---|---|---|---|
| CVE-2025-56534 | 1 Opennebula | 1 Opennebula | 2026-04-30 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in the custom authenticator driver of opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload. | |||||
| CVE-2025-56535 | 1 Opennebula | 1 Opennebula | 2026-04-30 | N/A | 6.1 MEDIUM |
| A cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the zone attribute parameter. | |||||
| CVE-2025-56536 | 1 Opennebula | 1 Opennebula | 2026-04-30 | N/A | 6.1 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the user information parameter. | |||||
| CVE-2025-56537 | 1 Opennebula | 1 Opennebula | 2026-04-30 | N/A | 6.1 MEDIUM |
| A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the virtual network template parameter. | |||||
| CVE-2022-37426 | 2 Linux, Opennebula | 2 Linux Kernel, Opennebula | 2024-11-21 | N/A | 4.3 MEDIUM |
| Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection. | |||||
| CVE-2022-37425 | 2 Linux, Opennebula | 2 Linux Kernel, Opennebula | 2024-11-21 | N/A | 9.9 CRITICAL |
| Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in OpenNebula OpenNebula core on Linux allows Remote Code Inclusion. | |||||
| CVE-2022-37424 | 2 Linux, Opennebula | 2 Linux Kernel, Opennebula | 2024-11-21 | N/A | 6.5 MEDIUM |
| Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery. | |||||