Lucene search
K

764 matches found

AstraLinux
AstraLinux
added 2026/05/03 11:59 p.m.5 views

Astra Linux – Vulnerability in Tomcat9

Occasional URL redirection to untrusted sites is a vulnerability in Apache Tomcat, caused by the LoadBalancerDrainingValve. This issue affects Apache Tomcat versions as follows: 11.0.0-M1 through 11.0.18, 10.1.0-M1 through 10.1.52, 9.0.0.M23 through 9.0.115, and 8.5.30 through 8.5.100. Other,...

6.1CVSS5.3AI score0.00526EPSS
Exploits0References1
Debian
Debian
added 2026/04/28 7:2 p.m.9 views

[SECURITY] [DSA 6233-1] pdns security update

------------------------------------------------------------------------- Debian Security Advisory DSA-6233-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff April 28, 2026 https://www.debian.org/security/faq -...

9.8CVSS5.5AI score0.00524EPSS
Exploits0
Fedora
Fedora
added 2026/04/25 1:53 a.m.7 views

[SECURITY] Fedora 44 Update: dnsdist-2.0.3-1.fc44

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...

8.2CVSS5.2AI score0.01028EPSS
Exploits0
ATTACKERKB
ATTACKERKB
added 2026/04/22 12:49 a.m.5 views

CVE-2026-40344

MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability in MinIO's Snowball auto-extract handler PutObjectExtractHandler allows any user who knows a valid access key to write...

8.8CVSS6.1AI score0.00418EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/04/22 12:0 a.m.4 views

Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013673)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013673 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix deadlock issue when externellb and reset are executed together When externellb and...

5.6AI score0.00176EPSS
Exploits0References4
Virtuozzo
Virtuozzo
added 2026/04/21 12:0 a.m.11 views

Virtuozzo Infrastructure 7.3 Hotfix 1 (7.3.0-177)

This update provides stability fixes. Vulnerability id: VSTOR-127496 Improved error messages for QEMU updates. Vulnerability id: VSTOR-128436 Creating a load balancer could fail with "Unable to find securitygroup". Vulnerability id: VSTOR-129065 Neutron could consume excessive memory when listing...

5.7AI score
Exploits0
CERT
CERT
added 2026/04/21 12:0 a.m.9 views

Radware Alteon has a reflected XSS vulnerability that can execute JavaScript in the host browser

Overview Radware Alteon has a reflected Cross-Site Scripting XSS vulnerability in the parameter ReturnTo of the route /protected/login. This vulnerability allows an attacker to execute JavaScript in the host browser. Description CVE-2026-5754: Reflected Cross-Site Scripting XSS vulnerability in...

6.1CVSS6.5AI score0.00209EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2026/04/17 12:0 a.m.3 views

Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-007581)

The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007581 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix deadlock issue when externellb and reset are executed together When externellb and...

5.6AI score0.00176EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/04/16 1:22 p.m.5 views

CVE-2026-5754

Reflected Cross-Site Scripting XSS Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities...

6.1CVSS5.8AI score0.00209EPSS
Exploits0References1
OSV
OSV
added 2026/04/15 12:41 a.m.2 views

CLEANSTART-2026-BZ28794 Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service

Multiple security vulnerabilities affect the aws-load-balancer-controller package. Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. See references for...

9.8CVSS5.9AI score0.00621EPSS
Exploits0References9
EUVD
EUVD
added 2026/04/14 6:30 p.m.3 views

EUVD-2026-22677

Reflected Cross-Site Scripting XSS Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities...

5.8AI score0.00209EPSS
Exploits0References2
NVD
NVD
added 2026/04/14 6:17 p.m.3 views

CVE-2026-5754

Reflected Cross-Site Scripting XSS Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities...

6.1CVSS0.00209EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/14 5:51 p.m.1 views

CVE-2026-5754

Reflected Cross-Site Scripting XSS Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities...

5.8AI score0.00209EPSS
Exploits0References2Affected Software1
Cvelist
Cvelist
added 2026/04/14 5:51 p.m.25 views

CVE-2026-5754 Radware Alteon has a reflected XSS vulnerability

Reflected Cross-Site Scripting XSS Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities...

0.00209EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/04/14 5:51 p.m.2 views

CVE-2026-5754 Radware Alteon has a reflected XSS vulnerability

Reflected Cross-Site Scripting XSS Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities...

5.7AI score0.00209EPSS
Exploits0References1
CVE
CVE
added 2026/04/14 5:51 p.m.8 views

CVE-2026-5754

Radware Alteon vADC load-balancer, version 34.5.4.0, contains a reflected XSS in the ReturnTo parameter of the /protected/login route due to lack of input sanitization. An attacker can craft a link that injects JavaScript, which is reflected in the victim’s browser, enabling actions such as steal...

6.1CVSS5.8AI score0.00209EPSS
Exploits0References2
Positive Technologies
Positive Technologies
added 2026/04/14 12:0 a.m.5 views

PT-2026-32895

Name of the Vulnerable Software and Affected Versions Radware Alteon vADC load-balancer version 34.5.4.0 Description A Reflected Cross-Site Scripting XSS issue allows an attacker to inject malicious scripts into the website. This can lead to unauthorized actions, data theft, or other malicious...

6.1CVSS5.8AI score0.00209EPSS
Exploits0References5
SUSE CVE
SUSE CVE
added 2026/04/10 11:27 p.m.5 views

SUSE CVE-2026-25854

Occasional URL redirection to untrusted Site 'Open Redirect' vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M23 through 9.0.115, from 8.5.30 through 8.5.100. Other,...

4.8CVSS5.8AI score0.00526EPSS
Exploits0References10
Fedora
Fedora
added 2026/04/10 1:11 a.m.4 views

[SECURITY] Fedora 42 Update: dnsdist-1.9.12-1.fc42

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...

8.2CVSS5.9AI score0.01028EPSS
Exploits0
Fedora
Fedora
added 2026/04/10 1:1 a.m.5 views

[SECURITY] Fedora 43 Update: dnsdist-2.0.3-1.fc43

dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...

8.2CVSS5.9AI score0.01028EPSS
Exploits0
Rows per page
Query Builder