6249 matches found
CVE-2026-1616 osim: Path Traversal via query parameters in Nginx configuration
The $uri$args concatenation in nginx configuration file present in Open Security Issue Management OSIM prior v2025.9.0 allows path traversal attacks via query parameters...
CVE-2026-1616
OSIM is affected: the nginx configuration file uses the $uri$args concatenation in OSIM prior to v2025.9.0, enabling path traversal via query parameters. The MITRE/ATT&CK mapping is not confirmed in the provided docs. No explicit patch/version remediations are stated in the connected sources; det...
CVE-2026-1616
The $uri$args concatenation in nginx configuration file present in Open Security Issue Management OSIM prior v2025.9.0 allows path traversal attacks via query parameters...
PT-2026-5268
The $uri$args concatenation in nginx configuration file present in Open Security Issue Management OSIM prior v2025.9.0 allows path traversal attacks via query parameters...
Open Security Issue Management – Security Vulnerabilities
Open Security Issue Management is a web UI interface provided by Red Hat Product Security. Versions of Open Security Issue Management prior to v2025.9.0 contain security vulnerabilities. These vulnerabilities stem from improper concatenation of $uri$args in the nginx configuration file, which may...
Exploit for Out-of-bounds Read in Openssl
CVE-2014-0160 Lab dựng lab sử dụng Heartbleed để leak memory...
MiracleLinux 8 : nginx:1.20 (AXSA:2022-3028:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2022-3028:01 advisory. nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 Tenable has extracted the preceding descripti...
MiracleLinux 7 : rh-nginx116-nginx-1.16.1-4.1.0.1.el7.AXS7, rh-nginx116-1.16-1.el7 (AXSA:2021-1752:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1752:01 advisory. nginx: HTTP request smuggling via error pages in http/ngxhttpspecialresponse.c CVE-2019-20372 Tenable has extracted the preceding description block directly...
MiracleLinux 8 : nginx:1.16 (AXSA:2021-2307:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2307:01 advisory. nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 Tenable has extracted the preceding descripti...
MiracleLinux 7 : rh-nginx116-nginx-1.16.1-6.0.1.el7.AXS7 (AXSA:2021-1875:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1875:01 advisory. nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 Tenable has extracted the preceding descripti...
MiracleLinux 7 : rh-nginx118-nginx-1.18.0-3.el7 (AXSA:2021-1813:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1813:01 advisory. nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 Tenable has extracted the preceding descripti...
MiracleLinux 8 : nginx:1.18 (AXSA:2021-2309:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-2309:01 advisory. nginx: Off-by-one in ngxresolvercopy when labels are followed by a pointer to a root domain name CVE-2021-23017 Tenable has extracted the preceding descripti...
MiracleLinux 8 : nginx:1.16 (AXSA:2021-1530:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2021-1530:01 advisory. nginx: HTTP request smuggling in configurations with URL redirect used as errorpage CVE-2019-20372 Tenable has extracted the preceding description block...
MiracleLinux 9 : nginx:1.22 (AXSA:2023-6553:02)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6553:02 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 8 : nginx:1.22 (AXSA:2023-6517:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6517:01 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 9 : nginx-1.20.1-14.el9.1.ML.1 (AXSA:2023-6549:04)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6549:04 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 7 : rh-nginx120-nginx-1.20.1-1.0.2.el7.AXS7 (AXSA:2023-6580:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6580:01 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 8 : nginx:1.20 (AXSA:2023-6513:01)
The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2023-6513:01 advisory. HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 Tenable has extracted the preceding description...
MiracleLinux 7 : rh-nginx114-nginx-1.14.1-1.1.0.1.el7.AXS7, rh-nginx114-1.14-6.el7 (AXSA:2021-1753:01)
The remote MiracleLinux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the AXSA:2021-1753:01 advisory. HTTP/2: large amount of data request leads to denial of service CVE-2019-9511 HTTP/2: flood using PRIORITY frames resulting in excessive resource...
How to Manually Change the VSA Host Management Certificate
Purpose This article documents the procedure for updating the Host Management Certificate used by the VSA Veeam Software Appliance. Note: The ability to update the certificate via the VSA Host Management Console may be added in a future version; however, as of version 13.0, it must be completed b...