446 matches found
PT-2026-34833
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the haproxy section save interface presents a vulnerability that could lead to remote code execution due to path traversal and writing into scheduled tasks. Version 8.2.6.4 fixes the...
PT-2026-34834
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the oldconfig parameter in the haproxy section save interface has an arbitrary file read vulnerability. Version 8.2.6.4 fixes the issue...
CVE-2026-33431 Roxy-WI Vulnerable to Authenticated Arbitrary File Read via Path Traversal in Config Version Viewer
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the POST /config//show API endpoint accepts a configver parameter that is directly appended to a base directory path to construct a local file path, which is subsequently opened and it...
PT-2026-33845
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Prior to version 8.2.6.4, the POST /config//show API endpoint accepts a configver parameter that is directly appended to a base directory path to construct a local file path, which is subsequently opened and it...
PT-2026-33846
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. In versions up to and including 8.2.8.2, when LDAP authentication is enabled, Roxy-WI constructs an LDAP search filter by directly concatenating the user-supplied login username into the filter string without...
Roxy-WI 安全漏洞
Roxy-WI is an open-source web interface designed for managing Haproxy, Nginx, and Keepalived servers. Roxy-WI versions 8.2.8.2 and earlier contain security vulnerabilities. These vulnerabilities stem from the lack of escaping special characters in usernames during LDAP authentication, which could...
Azure Linux 3.0 Security Update: keepalived (CVE-2024-41184)
The version of keepalived installed on the remote Azure Linux 3.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-41184 advisory. - In the vrrpipsetshandler handler fglobalparser.c of keepalived through 2.3.1, an integer overflow can...
MiracleLinux 8 : keepalived-2.1.5-8.el8.ML.1 (AXSA:2022-3396:02)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2022-3396:02 advisory. keepalived: dbus access control bypass CVE-2021-44225 Tenable has extracted the preceding description block directly from the MiracleLinux security advisory...
MiracleLinux 7 : keepalived-1.3.5-16.el7 (AXSA:2019-4318:03)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-4318:03 advisory. keepalived: Improper pathname validation allows for overwrite of arbitrary filenames via symlinks CVE-2018-19044 Tenable has extracted the preceding...
MiracleLinux 7 : keepalived-1.3.5-8.el7 (AXSA:2019-3747:01)
The remote MiracleLinux 7 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2019-3747:01 advisory. Security Fix - keepalived DoSCVE-2018-19115 CVEJVNhttp://jvndb.jvn.jp/ Tenable has extracted the preceding description block directly from the MiracleLinux...
MiracleLinux 9 : keepalived-2.2.8-4.el9_5 (AXSA:2025-9635:02)
The remote MiracleLinux 9 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9635:02 advisory. keepalived: Integer overflow vulnerability in vrrpipsetshandler CVE-2024-41184 Tenable has extracted the preceding description block directly from the...
MiracleLinux 8 : keepalived-2.1.5-10.el8_10 (AXSA:2025-9597:01)
The remote MiracleLinux 8 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2025-9597:01 advisory. keepalived: Integer overflow vulnerability in vrrpipsetshandler CVE-2024-41184 Tenable has extracted the preceding description block directly from the...
Astra Linux – Vulnerability in Keepalived
The vulnerability of the Keepalived network traffic balancing system is related to unvalidated array indexing. Exploiting this vulnerability allows an attacker to cause service failures...
EUVD-2011-1782
Malware in sbrugna...
EUVD-2018-10763
Malware in sbrugna...
EUVD-2018-10828
Malware in sbrugna...
EUVD-2018-10764
Malware in sbrugna...
EUVD-2018-10762
Malware in sbrugna...
EUVD-2023-32620
Malicious code in bioql PyPI...
EUVD-2021-31074
Malicious code in bioql PyPI...