298 matches found
BIT-NGINX-GATEWAY-2026-1642 NGINX vulnerability
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data in...
Debian dsa-6131 : libnginx-mod-http-geoip - security update
The remote Debian 12 / 13 host has packages installed that are affected by a vulnerability as referenced in the dsa-6131 advisory. - ------------------------------------------------------------------------- Debian Security Advisory DSA-6131-1 [email protected] https://www.debian.org/security/...
USN-8038-1: nginx vulnerability
It was discovered that nginx incorrectly handled proxying to upstream TLS servers. An attacker could possibly use this issue to insert plain text data into the response from an upstream proxied server...
Mageia: Security Advisory (MGASA-2026-0033)
The remote host is missing an update for the SPDX-FileCopyrightText: 2026 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
CVE-2026-1642
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data in...
CVE-2026-1642 NGINX vulnerability
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data in...
CVE-2026-1642 NGINX vulnerability
A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data in...
CVE-2026-1642
The CVE-2026-1642 entry describes a vulnerability in NGINX OSS and NGINX Plus when configured to proxy to upstream TLS servers. Under a MITM position on the upstream side and conditions outside the attacker’s control, an attacker may inject plain text data into the response from an upstream proxi...
K000159076: Quarterly Security Notification (February 2026)
Security Advisory Description On February 4, 2026, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities and security exposures to help determine the impact to your F5 devices. You can find the details of each issue in the associate...
K000159824: NGINX vulnerability CVE-2026-1642
Security Advisory Description A vulnerability exists in NGINX OSS and NGINX Plus when configured to proxy to upstream Transport Layer Security TLS servers. An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be abl...
MiracleLinux 7 : rh-nginx116-nginx-1.16.1-6.0.1.el7.AXS7 (AXSA:2021-1875:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1875:01 advisory. nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 Tenable has extracted the preceding descripti...
MiracleLinux 7 : rh-nginx116-nginx-1.16.1-4.1.0.1.el7.AXS7, rh-nginx116-1.16-1.el7 (AXSA:2021-1752:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1752:01 advisory. nginx: HTTP request smuggling via error pages in http/ngxhttpspecialresponse.c CVE-2019-20372 Tenable has extracted the preceding description block directly...
MiracleLinux 9 : nginx:1.22 (AXSA:2025-9815:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9815:01 advisory. nginx: specially crafted MP4 file may cause denial of service CVE-2024-7347 Tenable has extracted the preceding description block directly from the...
CVE-2022-38890
Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njsutf8next at src/njsutf8.h...
CVE-2019-11839
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njsarrayprototypepush in njs/njsarray.c, because of njsarrayexpand size mishandling...
CVE-2019-12938
The Roundcube component of Analogic Poste.io 2.1.6 uses .htaccess to protect the logs/ folder, which is effective with the Apache HTTP Server but is ineffective with nginx. Attackers can read logs via the webmail/logs/sendmail URI...
Security Bulletin: Vulnerability in nginx affects IBM Netezza Appliance
Summary The nginx package is used by IBM Netezza Appliance . IBM Netezza Appliance has addressed the applicable CVE CVE-2025-23419 Vulnerability Details CVEID:CVE-2025-23419 DESCRIPTION: When multiple server blocks are configured to share the same IP address and port, an attacker can use session...
EUVD-2012-2095
Malware in sbrugna...
EUVD-2019-18539
Malware in sbrugna...
EUVD-2012-3352
Malware in sbrugna...