Opennebula

opennebula

7 CVEs • 1 product

Products (1)

Click to collapse

Toggle

CVEs (7)

CVE VENDORS PRODUCTS UPDATED PUBLISHED CVSS
CVE-2025-56537 1Opennebula 1Opennebula Apr 30, 2026 Apr 29, 2026 N/A· v4 6.1 MEDIUM· v3 N/A· v2 A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the virtual network template par...Show more A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 and fixed in v.7.0 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the virtual network template parameter.Show less
CVE-2025-56536 1Opennebula 1Opennebula Apr 30, 2026 Apr 29, 2026 N/A· v4 6.1 MEDIUM· v3 N/A· v2 A stored cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the user information parameter.
CVE-2025-56535 1Opennebula 1Opennebula Apr 30, 2026 Apr 29, 2026 N/A· v4 6.1 MEDIUM· v3 N/A· v2 A cross-site scripting (XSS) vulnerability in opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via injecting a crafted payload into the zone attribute parameter.
CVE-2025-56534 1Opennebula 1Opennebula Apr 30, 2026 Apr 29, 2026 N/A· v4 6.1 MEDIUM· v3 N/A· v2 A cross-site scripting (XSS) vulnerability in the custom authenticator driver of opennebula v6.10.0.1 allows attackers to execute arbitrary web scripts or HTML via a crafted payload.
CVE-2022-37426 1Opennebula 1Opennebula Nov 21, 2024 Oct 28, 2022 N/A· v4 7.5 HIGH· v3 N/A· v2 Unrestricted Upload of File with Dangerous Type vulnerability in OpenNebula OpenNebula core on Linux allows File Content Injection.
CVE-2022-37425 1Opennebula 1Opennebula Nov 21, 2024 Oct 28, 2022 N/A· v4 9.8 CRITICAL· v3 N/A· v2 Improper Neutralization of Special Elements used in a Command ('Command Injection') vulnerability in OpenNebula OpenNebula core on Linux allows Remote Code Inclusion.
CVE-2022-37424 1Opennebula 1Opennebula Nov 21, 2024 Oct 28, 2022 N/A· v4 6.5 MEDIUM· v3 N/A· v2 Files or Directories Accessible to External Parties vulnerability in OpenNebula on Linux allows File Discovery.