Lucene search
K

178 matches found

BDU FSTEC
BDU FSTEC
added 2024/06/05 12:0 a.m.8 views

The vulnerability of the HTTP/3 QUIC module (ngx_http_v3_module) in NGINX Plus and NGINX OSS web servers allows a attacker to cause a service failure.

The vulnerability of the HTTP/3 QUIC module ngxhttpv3module in NGINX Plus and NGINX OSS relates to the assignment of the zero pointer. Exploiting this vulnerability can allow a malicious actor to cause service interruptions by sending specially crafted HTTP/3 requests...

7.8CVSS6.6AI score0.00917EPSS
Exploits0References7Affected Software3
SUSE CVE
SUSE CVE
added 2024/05/31 3:14 a.m.4 views

SUSE CVE-2024-34161

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit MTU of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously freed memory...

5.3CVSS8.4AI score0.00867EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/05/30 8:33 a.m.40 views

CVE-2024-35200

A flaw was found in the nginx HTTP/3 implementation. This issue may allow an attacker using a specially crafted QUIC session to trigger a NULL pointer dereference error, causing worker processes to crash and lead to a denial of service. Mitigation Mitigation for this issue is either not available...

7.5CVSS5.9AI score0.00917EPSS
Exploits0References4
SUSE CVE
SUSE CVE
added 2024/05/30 2:58 a.m.4 views

SUSE CVE-2024-32760

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact...

6.5CVSS7.5AI score0.00848EPSS
Exploits0References3
OSV
OSV
added 2024/05/29 4:15 p.m.3 views

ALPINE-CVE-2024-35200

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate...

5.3CVSS7AI score0.00917EPSS
Exploits0References1
OSV
OSV
added 2024/05/29 4:15 p.m.3 views

ALPINE-CVE-2024-32760

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact...

6.5CVSS7AI score0.00848EPSS
Exploits0References1
OSV
OSV
added 2024/05/29 4:15 p.m.2 views

DEBIAN-CVE-2024-32760

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 encoder instructions can cause NGINX worker processes to terminate or cause or other potential impact...

6.5CVSS6.9AI score0.00848EPSS
Exploits0References1
OSV
OSV
added 2024/05/29 4:15 p.m.4 views

ALPINE-CVE-2024-31079

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacke...

4.8CVSS6.9AI score0.00872EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2024/05/29 4:15 p.m.25 views

CVE-2024-35200

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate...

5.3CVSS6.8AI score0.00917EPSS
Exploits0References3
AlpineLinux
AlpineLinux
added 2024/05/29 4:2 p.m.32 views

CVE-2024-35200

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate...

5.3CVSS5.7AI score0.00917EPSS
Exploits0
Debian CVE
Debian CVE
added 2024/05/29 4:2 p.m.33 views

CVE-2024-31079

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacke...

4.8CVSS5.3AI score0.00872EPSS
Exploits0
F5 Networks
F5 Networks
added 2024/05/29 1:46 p.m.51 views

K000139628: Out-of-band Security Notification (May 29, 2024)

Security Advisory Description On May 29, 2024, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. You can watch t...

6.5CVSS6.5AI score0.00917EPSS
Exploits0
F5 Networks
F5 Networks
added 2024/05/29 1:35 p.m.48 views

K000139627: NGINX HTTP/3 QUIC vulnerability CVE-2024-34161

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module and the network infrastructure supports a Maximum Transmission Unit MTU of 4096 or greater without fragmentation, undisclosed QUIC packets can cause NGINX worker processes to leak previously...

5.3CVSS7AI score0.00867EPSS
Exploits0Affected Software2
CNNVD
CNNVD
added 2024/05/29 12:0 a.m.4 views

F5 Nginx 安全漏洞

NGINX is an HTTP and reverse proxy server, email proxy server and general purpose TCP/UDP proxy server. F5 NGINX Plus and NGINX Open Source denial of service vulnerability can be exploited by unauthenticated, remote attackers to cause a denial of service...

5.3CVSS6.8AI score0.00917EPSS
Exploits0References4
CNVD
CNVD
added 2024/05/29 12:0 a.m.7 views

F5 NGINX Plus and NGINX Open Source Denial of Service Vulnerability (CNVD-2024-25362)

NGINX is an HTTP and reverse proxy server, email proxy server and general purpose TCP/UDP proxy server. F5 NGINX Plus and NGINX Open Source denial of service vulnerability can be exploited by unauthenticated, remote attackers to cause a denial of service...

5.3CVSS6.7AI score0.00917EPSS
Exploits0References1
CNNVD
CNNVD
added 2024/05/29 12:0 a.m.4 views

F5 Nginx 安全漏洞

NGINX is an HTTP and reverse proxy server, email proxy server and general purpose TCP/UDP proxy server. An information disclosure vulnerability exists in F5 NGINX Plus and NGINX Open Source, which can be exploited by an unauthenticated, remote attacker to gain access to previously freed memory...

5.3CVSS6.5AI score0.00867EPSS
Exploits0References4
CNNVD
CNNVD
added 2024/05/29 12:0 a.m.5 views

F5 Nginx 安全漏洞

NGINX is an HTTP and reverse proxy server, email proxy server and general purpose TCP/UDP proxy server. A denial of service vulnerability exists in F5 NGINX Plus and NGINX Open Source, which can be exploited by an unauthenticated, remote attacker to cause a denial of service...

4.8CVSS6.8AI score0.00872EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/05/29 12:0 a.m.5 views

PT-2024-3974

Name of the Vulnerable Software and Affected Versions NGINX Plus affected versions not specified NGINX OSS affected versions not specified Description The issue is related to a null pointer dereference in the HTTP/3 QUIC module ngx http v3 module of NGINX Plus and NGINX OSS. This can be exploited...

7.8CVSS6.1AI score0.00917EPSS
Exploits0References20
CNNVD
CNNVD
added 2024/05/29 12:0 a.m.4 views

F5 Nginx 安全漏洞

NGINX is an HTTP and reverse proxy server, email proxy server and general purpose TCP/UDP proxy server. A denial of service vulnerability exists in F5 NGINX Plus and NGINX Open Source, which can be exploited by an unauthenticated, remote attacker to cause a denial of service...

6.5CVSS6.8AI score0.00848EPSS
Exploits0References4
CNVD
CNVD
added 2024/05/29 12:0 a.m.8 views

F5 NGINX Plus and NGINX Open Source Denial of Service Vulnerability (CNVD-2024-25363)

NGINX is an HTTP and reverse proxy server, email proxy server and general purpose TCP/UDP proxy server. A denial of service vulnerability exists in F5 NGINX Plus and NGINX Open Source, which can be exploited by an unauthenticated, remote attacker to cause a denial of service...

6.5CVSS6.7AI score0.00848EPSS
Exploits0References1
Rows per page
Query Builder