859 matches found
Oracle Linux 8 : nginx:1.24 (ELSA-2026-5581)
The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5581 advisory. - Resolves: RHEL-146517 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 - Resolves: RHEL-12728 -...
nginx:1.24 security update
1.24.0-2.0.1 - Remove Red Hat references Orabug: 29498217 1:1.24.0-2 - Resolves: RHEL-146517 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 1:1.24.0-1 - Resolves: RHEL-14714 - add nginx:1.24 to RHEL 8.10 1:1.22.1-2 - Resolves:...
Moderate: nginx security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...
Moderate: nginx:1.24 security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...
Siemens APE1808 Insertion of Sensitive Information into Sent Data (CVE-2024-46665)
An insertion of sensitive information into sent data vulnerability CWE-201 in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS accounting server shared secret via intercepting accounting-requests. This plugin only works with Tenable.o...
AlmaLinux 10 : nginx (ALSA-2026:4705)
The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:4705 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...
USN-8106-1 valkey vulnerabilities
It was discovered that Valkey incorrectly handled errors for lua scripts. An attacker could possibly use this issue to inject arbitrary information into the response stream for other clients. CVE-2025-67733 It was discovered that Valkey incorrectly handled malformed cluster bus messages. A remote...
CVE-2026-3633 Libsoup: libsoup: header and http request injection via crlf injection
A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the soupmessagenew function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF Carriage Return Line Feed injection, occurs because the method value is not properly...
CVE-2026-3633
A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the soupmessagenew function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF Carriage Return Line Feed injection, occurs because the method value is not properly...
nginx security update
2:1.26.3-2.0.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 2:1.26.3-2 - CVE-2026-1642 nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections...
Oracle Linux 10 : nginx (ELSA-2026-4705)
The remote Oracle Linux 10 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-4705 advisory. 2:1.26.3-2.0.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 2:1.26.3-2 - CVE-2026-1642 nginx: NGINX: Data injection via man-in-the-middle atta...
ALSA-2026:4705 Moderate: nginx security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...
MiracleLinux 9 : nginx:1.26 (AXSA:2026-323:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-323:01 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block...
RHEL 10 : nginx (RHSA-2026:4705)
The remote Redhat Enterprise Linux 10 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4705 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...
RLSA-2026:4235 Moderate: nginx:1.26 security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...
Adversarial Reinforcement Learning for Detecting False Data Injection Attacks in Vehicular Routing
In modern transportation networks, adversaries can manipulate routing algorithms using false data injection attacks, such as simulating heavy traffic with multiple devices running crowdsourced navigation applications, to mislead vehicles toward suboptimal routes and increase congestion. To addres...
RockyLinux 9 : nginx:1.26 (RLSA-2026:4235)
The remote RockyLinux 9 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:4235 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...
AlmaLinux 9 : nginx:1.26 (ALSA-2026:4235)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:4235 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...
RHEL 9 : nginx:1.26 (RHSA-2026:4235)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:4235 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...
nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections
A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...