Astra Linux – Vulnerability in Tomcat9
Occasional URL redirection to untrusted sites is a vulnerability in Apache Tomcat, caused by the LoadBalancerDrainingValve. This issue affects Apache Tomcat versions as follows: 11.0.0-M1 through 11.0.18, 10.1.0-M1 through 10.1.52, 9.0.0.M23 through 9.0.115, and 8.5.30 through 8.5.100. Other,...
[SECURITY] [DSA 6233-1] pdns security update
Debian Security Advisory DSA-6233-1 https://www.debian.org/security/ Moritz Muehlenhoff April 28, 2026 https://www.debian.org/security/faq ...
[SECURITY] Fedora 44 Update: dnsdist-2.0.3-1.fc44
dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...
CVE-2026-40344
MinIO is a high-performance object storage system. Starting in RELEASE.2023-05-18T00-05-36Z and prior to RELEASE.2026-04-11T03-20-12Z, an authentication bypass vulnerability in MinIO's Snowball auto-extract handler PutObjectExtractHandler allows any user who knows a valid access key to write...
Unity Linux 20.1070a Security Update: kernel (UTSA-2026-013673)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-013673 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix deadlock issue when externellb and reset are executed together When externellb and...
Virtuozzo Infrastructure 7.3 Hotfix 1 (7.3.0-177)
This update provides stability fixes. Vulnerability id: VSTOR-127496 Improved error messages for QEMU updates. Vulnerability id: VSTOR-128436 Creating a load balancer could fail with "Unable to find securitygroup". Vulnerability id: VSTOR-129065 Neutron could consume excessive memory when listing...
Radware Alteon has a reflected XSS vulnerability that can execute JavaScript in the host browser
Overview Radware Alteon has a reflected Cross-Site Scripting XSS vulnerability in the parameter ReturnTo of the route /protected/login. This vulnerability allows an attacker to execute JavaScript in the host browser. Description CVE-2026-5754: Reflected Cross-Site Scripting XSS vulnerability in...
Unity Linux 20.1050e / 20.1070e Security Update: kernel (UTSA-2026-007581)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-007581 advisory. In the Linux kernel, the following vulnerability has been resolved: net: hns3: fix deadlock issue when externellb and reset are executed together When externellb and...
CVE-2026-5754
Reflected Cross-Site Scripting XSS Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities...
CLEANSTART-2026-BZ28794 Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service
Multiple security vulnerabilities affect the aws-load-balancer-controller package. Validating certificate chains which use policies is unexpectedly inefficient when certificates in the chain contain a very large number of policy mappings, possibly causing denial of service. See references for...
EUVD-2026-22677
Reflected Cross-Site Scripting XSS Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities...
CVE-2026-5754 Radware Alteon has a reflected XSS vulnerability
Reflected Cross-Site Scripting XSS Vulnerability in Radware Alteon 34.5.4.0 vADC load-balancer allows an attacker to inject malicious scripts into the website, potentially leading to unauthorized actions, data theft, or other malicious activities...
CVE-2026-5754
Radware Alteon vADC load-balancer, version 34.5.4.0, contains a reflected XSS in the ReturnTo parameter of the /protected/login route due to lack of input sanitization. An attacker can craft a link that injects JavaScript, which is reflected in the victim’s browser, enabling actions such as steal...
PT-2026-32895
Name of the Vulnerable Software and Affected Versions Radware Alteon vADC load-balancer version 34.5.4.0 Description A Reflected Cross-Site Scripting XSS issue allows an attacker to inject malicious scripts into the website. This can lead to unauthorized actions, data theft, or other malicious...
SUSE CVE-2026-25854
Occasional URL redirection to untrusted Site 'Open Redirect' vulnerability in Apache Tomcat via the LoadBalancerDrainingValve. This issue affects Apache Tomcat: from 11.0.0-M1 through 11.0.18, from 10.1.0-M1 through 10.1.52, from 9.0.0.M23 through 9.0.115, from 8.5.30 through 8.5.100. Other,...
[SECURITY] Fedora 42 Update: dnsdist-1.9.12-1.fc42
dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...
[SECURITY] Fedora 43 Update: dnsdist-2.0.3-1.fc43
dnsdist is a highly DNS-, DoS- and abuse-aware loadbalancer. Its goal in life is to route traffic to the best server, delivering top performance to legitimate users while shunting or blocking abusive traffic...