6251 matches found
CVE-2025-34203
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.1002 and Application versions prior to 20.0.2614 VA and SaaS deployments contain multiple Docker containers that include outdated, end-of-life, unsupported, or otherwise vulnerable third-party components examples:...
CVE-2025-34203 Vasion Print (formerly PrinterLogic) Use of Outdated, End-Of-Life, and Vulnerable Third-Party Components
Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.1002 and Application versions prior to 20.0.2614 VA and SaaS deployments contain multiple Docker containers that include outdated, end-of-life, unsupported, or otherwise vulnerable third-party components examples:...
CVE-2025-34203
Vasion Print Virtual Appliance Host <22.0.1002 and Vasion Print Application
PT-2025-38601
Name of the Vulnerable Software and Affected Versions Vasion Print formerly PrinterLogic Virtual Appliance Host versions prior to 22.0.1002 Vasion Print formerly PrinterLogic Application versions prior to 20.0.2614 Description Vasion Print formerly PrinterLogic Virtual Appliance Host and...
CVE-2025-53859 affecting package nginx for versions less than 1.25.4-5
CVE-2025-53859 affecting package nginx for versions less than 1.25.4-5. A patched version of the package is available...
CVE-2023-49564
The CBIS/NCS Manager API is vulnerable to an authentication bypass. By sending a specially crafted HTTP header, an unauthenticated user can gain unauthorized access to API functions. This flaw allows attackers to reach restricted or sensitive endpoints of the HTTP API without providing any valid...
CVE-2023-49564
CVE-2023-49564 : The CBIS/NCS Manager API is vulnerable to an authentication bypass. A specially crafted HTTP header from an unauthenticated user can access restricted API functions. Root cause is a weak verification mechanism in the authentication implementation within the Nginx Podman container...
CVE-2023-49564 Authentication Bypass
The CBIS/NCS Manager API is vulnerable to an authentication bypass. By sending a specially crafted HTTP header, an unauthenticated user can gain unauthorized access to API functions. This flaw allows attackers to reach restricted or sensitive endpoints of the HTTP API without providing any valid...
PT-2025-38296
Name of the Vulnerable Software and Affected Versions CBIS/NCS Manager affected versions not specified Description The CBIS/NCS Manager API is susceptible to an authentication bypass. An unauthenticated user can gain unauthorized access to API functions by sending a specially crafted HTTP header...
Security update for nginx
This update for nginx fixes the following issues: CVE-2025-53859: the server side may leak arbitrary bytes during the NGINX SMTP authentication process bsc1248070. CVE-2025-23419: session resumption can bypass client certificate authentication requirements using TLSv1.3 bsc1236851. Patch...
SUSE-SU-2025:03243-1 Security update for nginx
This update for nginx fixes the following issues: - CVE-2025-53859: the server side may leak arbitrary bytes during the NGINX SMTP authentication process bsc1248070. - CVE-2025-23419: session resumption can bypass client certificate authentication requirements using TLSv1.3 bsc1236851...
unit-java -- security vulnerability
F5 reports: When NGINX Unit with the Java Language Module is in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization...
FreeBSD : unit-java -- security vulnerability (f6ca7c47-9190-11f0-b8da-589cfc10a551)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f6ca7c47-9190-11f0-b8da-589cfc10a551 advisory. F5 reports: When NGINX Unit with the Java Language Module is in use, undisclosed requests can lead to a...
Use Of Default Credentials
nginx-defender is vulnerable to Use of Default Credentials. The vulnerability is due to insecure configuration due to default administrative passwords being present in example configuration files, allowing attackers with network access to gain full administrative control if not changed...
vulhub
This is a pre-built vulnerable environment based on Docker-Compose, provided by the Vulhub project. The repository contains a collection of vulnerable applications and services, along with their corresponding Dockerfiles and configuration files. The vulnerable environments are designed to help...
OESA-2025-2136 nginx security update
NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...
Security update for nginx
This update for nginx fixes the following issues: CVE-2025-53859: the server side may leak arbitrary bytes during the NGINX SMTP authentication process bsc1248070. CVE-2025-23419: session resumption can bypass client certificate authentication requirements using TLSv1.3 bsc1236851. Patch...
SUSE-SU-2025:03089-1 Security update for nginx
This update for nginx fixes the following issues: - CVE-2025-53859: the server side may leak arbitrary bytes during the NGINX SMTP authentication process bsc1248070. - CVE-2025-23419: session resumption can bypass client certificate authentication requirements using TLSv1.3 bsc1236851...
Exploit for Off-by-one Error in F5 Nginx
vulnerability in NGINX servers versions 0.6.18–1.20.0. The scr...
NGINX ngx_mail_smtp_module vulnerability
...