EUVD-2022-38133

Malicious code in bioql PyPI...

PT-2024-6180 · Nginx · Nginx Agent

Name of the Vulnerable Software and Affected Versions: NGINX Agent affected versions not specified Description: The issue is related to the config dirs function of the NGINX Agent and NGINX Instance Manager platform, which allows an attacker to upload arbitrary files outside the intended director...

The vulnerabilities of the NGINX Instance Manager automation platform, the NGINX API Connectivity Manager connection management controller, and the NGINX Security Monitoring security monitoring and management platform are related to the improper use of standard permissions. This allows attackers to increase their privileges.

The vulnerabilities of the NGINX Instance Manager automation platform, the NGINX API Connectivity Manager for connection management, and the NGINX Security Monitoring platform are related to the improper use of standard permissions. Exploiting these vulnerabilities can allow attackers to increase...

Default credentials

NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

The vulnerability of the NGINX Agent and the NGINX Instance Manager automation platform, related to insufficient protection of registration data, allows a perpetrator to gain access to secret keys.

The vulnerability of the NGINX Agent and the NGINX Instance Manager automation platform is related to insufficient protection of registration data. Exploiting this vulnerability can allow attackers to gain access to secret keys...

CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

Design/Logic Flaw

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

CVE-2023-1550 NGINX Agent vulnerability CVE-2023-1550

Insertion of Sensitive Information into log file vulnerability in NGINX Agent. NGINX Agent version 2.0 before 2.23.3 inserts sensitive information into a log file. An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when...

K000133135: NGINX Agent vulnerability CVE-2023-1550

Security Advisory Description NGINX Agent inserts sensitive information into a log file. CVE-2023-1550 Impact An authenticated attacker with local access to read agent log files may gain access to private keys. This issue is only exposed when the non-default trace level logging is enabled. Note :...

K37080719: NGINX Instance Manager vulnerability CVE-2022-35241

Security Advisory Description When NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. CVE-2022-35241 Impact System performance can degrade until system inodes become free. This vulnerability allows a remote, authenticated attacker to cause a...

The vulnerability of the NGINX Instance Manager automation platform, related to uncontrolled resource consumption, allows a hacker to trigger a service failure.

The vulnerability of the NGINX Instance Manager automation platform is related to an uncontrolled consumption of resources. Exploiting this vulnerability can allow a malicious actor to cause service interruptions...

CVE-2022-35241

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

PT-2022-3993 · Nginx · Nginx Instance Manager

Name of the Vulnerable Software and Affected Versions: NGINX Instance Manager versions 1.x and earlier NGINX Instance Manager versions 2.x through 2.3.0 Description: The issue is related to uncontrolled resource consumption. It may allow a remote attacker to cause a denial of service. In affected...

CVE-2022-35241

In versions 2.x before 2.3.1 and all versions of 1.x, when NGINX Instance Manager is in use, undisclosed requests can cause an increase in disk resource utilization. Note: Software versions which have reached End of Technical Support EoTS are not evaluated...

F5 BIG-IP 资源管理错误漏洞

NGINX Instance Manager NIM is part of F5's NGINX Management Suite NMS.The NIM module provides a REST API that uses standard authentication methods and HTTP response code, among other things.A denial of service vulnerability exists in F5 NGINX Instance Manager, which stems from a When using NGINX...