Lucene search
K

43 matches found

CNNVD
CNNVD
added 2023/04/09 12:0 a.m.4 views

F5 Nginx 缓冲区错误漏洞

F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 Inc. distributed under the BSD-like protocol. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in F5 Nginx NJS version...

7.5CVSS7.2AI score0.0074EPSS
Exploits1References2
CNNVD
CNNVD
added 2023/04/09 12:0 a.m.5 views

F5 Nginx 缓冲区错误漏洞

F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 USA, distributed under the BSD-like protocol. A security vulnerability exists in F5 Nginx version v0.7.10, which stems from a containment segmentation violation...

7.5CVSS7.3AI score0.0074EPSS
Exploits1References2
Positive Technologies
Positive Technologies
added 2023/01/11 12:0 a.m.54 views

PT-2023-5866

Name of the Vulnerable Software and Affected Versions Apache HTTP Server versions prior to 2.4.57 Bamboo Data Center and Server versions 8.1.0, 8.2.0, 9.0.0, 9.1.0, 9.2.1, and 9.3.0 F5 NGINX products affected versions not specified gRPC-Go versions prior to 1.56.3, 1.57.1, and 1.58.3 IBM HTTP...

7.8CVSS8.5AI score0.99999EPSS
Exploits19
IBM Security Bulletins
IBM Security Bulletins
added 2023/01/04 7:55 p.m.93 views

Security Bulletin: A vulnerability in nginx may affect IBM Robotic Process Automation for Cloud Pak resulting in a denial of service (CVE-2022-41741, CVE-2022-41742)

Summary There is a vulnerability in nginx used by IBM Robotic Process Automation for Cloud Pak as part of the container ingress controller that may result in a denial of service. This bulletin identifies the security fixes to apply to address this vulnerability. Vulnerability Details...

7.8CVSS7AI score0.01069EPSS
Exploits2Affected Software1
CNNVD
CNNVD
added 2022/10/19 12:0 a.m.4 views

F5 Nginx 缓冲区错误漏洞

F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 USA, distributed under the BSD-like protocol. A buffer error vulnerability exists in F5 Nginx version 1.23.2, 1.22.1. An attacker could exploit this vulnerability to corrupt NGINX worker memory...

7.8CVSS7.6AI score0.00756EPSS
Exploits2References14
GithubExploit
GithubExploit
added 2022/06/30 4:39 a.m.1959 views

Exploit for Off-by-one Error in F5 Nginx

CVE-2021-23017-PoC pip install -r requirements.txt pytho...

7.7CVSS7AI score0.53461EPSS
Exploits10
CNVD
CNVD
added 2022/05/07 12:0 a.m.18 views

F5 NGINX Service Mesh Access Control Error Vulnerability

F5 NGINX Service Mesh F5 NSM is a fully integrated lightweight service mesh from F5 USA. Leveraging a data plane powered by NGINX Plus to manage container traffic in Kubernetes environments, F5 NGINX Service Mesh suffers from an access control error vulnerability that can be exploited by attacker...

6.5CVSS4AI score0.00326EPSS
Exploits0References1
CNNVD
CNNVD
added 2022/05/05 12:0 a.m.6 views

F5 NGINX Service Mesh 访问控制错误漏洞

F5 NGINX Service Mesh F5 NSM is a fully integrated lightweight service mesh from F5 USA. Leveraging a data plane powered by NGINX Plus to manage container traffic in Kubernetes environments, F5 NGINX Service Mesh suffers from an access control error vulnerability that can be exploited by attacker...

6.5CVSS6.6AI score0.00326EPSS
Exploits0References4
CNVD
CNVD
added 2022/01/21 12:0 a.m.21 views

F5 NGINX Controller API Code Injection Vulnerability

The F5 NGINX Controller is a self-service, API-driven platform for managing NGINIX Plus that can be easily integrated into CI/CD workflows to accelerate application deployment and simplify application lifecycle management. user" or "admin" role access and authenticated attackers can use an...

5.5CVSS1.9AI score0.0053EPSS
Exploits0References1
IBM Security Bulletins
IBM Security Bulletins
added 2021/08/12 10:14 p.m.48 views

Security Bulletin: Multiple vulnerabilities in F5 NGINX Controller affect IBM Cloud Pak for Automation

Summary The vulnerabilities are related to F5 NGINX Controller, included in the pfs-nginx-prod docker image, that is deployed by IBM Process Federation Server . Vulnerability Details CVEID: CVE-2021-23018 DESCRIPTION: F5 NGINX Controller could allow a remote attacker to obtain sensitive...

7.8CVSS1.3AI score0.53461EPSS
Exploits10Affected Software1
CNNVD
CNNVD
added 2021/07/05 12:0 a.m.4 views

F5 Nginx 信任管理问题漏洞

F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 Inc. distributed under the BSD-like protocol. F5 Nginx is vulnerable to a trust management issue that stems from the presence of an ALPACA Application Layer Protocol Content Obfuscation attack, whic...

7.4CVSS7.4AI score0.02037EPSS
Exploits0References22
CNNVD
CNNVD
added 2021/05/25 12:0 a.m.5 views

F5 NGINX Controller 安全漏洞

F5 NGINX Controller is a centralized monitoring and management platform for NGINX from F5. The platform supports the management of multiple NGINX instances using a visual interface. A security vulnerability exists in F5 NGINX Controller that allows an attacker to forge UDP packets from a DNS serv...

7.7CVSS7.8AI score0.53461EPSS
Exploits10References59
Gitee
Gitee
added 2021/03/29 10:15 a.m.9 views

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

It is an offensive tool for various areas. The repository contains a collection of vulnerable docker environments, including: CouchDB FFmpeg Git InfluxDB Jenkins Nginx Oracle Java Apache HTTP Server GitLab FastJSON Jenkins Electron The vulnerabilities include: CVE-2016-9086 GitLab CVE-2016-10134...

9.8CVSS7.5AI score0.99679EPSS
Exploits74
Gitee
Gitee
added 2020/07/30 7:50 p.m.10 views

Exploit for Improper Encoding or Escaping of Output in F5 Nginx

It is an open-source collection of pre-built vulnerable docker environments. The primary CVE ID is not explicitly mentioned, but the repository contains various vulnerable environments, including ones related to CVE-2016-9086, CVE-2017-1000353, CVE-2013-4547, and CVE-2018-1000006. The target...

9.8CVSS8.2AI score0.99679EPSS
Exploits53
CNVD
CNVD
added 2020/07/02 12:0 a.m.7 views

F5 NGINX Controller Input Validation Error Vulnerability (CNVD-2021-18400)

F5 NGINX Controller is a centralized monitoring and management platform for NGINX from F5. The platform supports the management of multiple NGINX instances using a visual interface. A security vulnerability exists in the installer in F5 NGINX Controller versions 2.8.0 through 2.9.0 and 3.0.0...

7.5CVSS6.8AI score0.01006EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/02 12:0 a.m.9 views

F5 NGINX Controller Trust Management Issues Vulnerability (CNVD-2021-18398)

F5 NGINX Controller is a centralized monitoring and management platform for NGINX from F5. The platform supports the management of multiple NGINX instances using a visual interface. A security vulnerability exists in F5 NGINX Controller versions 1.0.1, 2.0.0 through 2.9.0, and 3.0.0 through 3.5.0...

5.8CVSS6.7AI score0.004EPSS
Exploits0References1
CNVD
CNVD
added 2020/07/02 12:0 a.m.12 views

F5 NGINX Controller Authentication Vulnerability

F5 NGINX Controller is a centralized monitoring and management platform for NGINX from F5. The platform supports the management of multiple NGINX instances using a visual interface. A security vulnerability exists in the NGINX controller NATS messaging service in F5 NGINX Controller versions 1.0....

7.5CVSS6.5AI score0.01154EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/12 12:0 a.m.2 views

F5 NGINX Controller Cross-Site Scripting Vulnerability

F5 NGINX Controller is a centralized monitoring and management platform for NGINX from F5. The platform supports the management of multiple NGINX instances using a visual interface. A cross-site scripting vulnerability exists in the NGINX Controller API in F5 NGINX Controller versions 3.3.0 throu...

9.6CVSS6.1AI score0.01466EPSS
Exploits0References1
CNVD
CNVD
added 2020/06/12 12:0 a.m.4 views

F5 NGINX Controller Authorization Issue Vulnerability (CNVD-2020-51553)

F5 NGINX Controller is a centralized monitoring and management platform for NGINX from F5. The platform supports the management of multiple NGINX instances using a visual interface. An authorization issue vulnerability exists in F5 NGINX Controller versions 3.0.0 through 3.4.0 in NGINX Controller...

7.8CVSS7.3AI score0.00185EPSS
Exploits0References1
CNVD
CNVD
added 2020/04/24 12:0 a.m.3 views

F5 NGINX Controller Trust Management Issue Vulnerability

F5 NGINX Controller is a centralized monitoring and management platform for NGINX from F5. The platform supports the management of multiple NGINX instances using a visual interface. A security vulnerability exists in F5 NGINX Controller versions prior to 3.2.0, which stems from the fact that by...

7.4CVSS6.8AI score0.01033EPSS
Exploits0References1
Rows per page
Query Builder