6253 matches found
Exploit for Off-by-one Error in F5 Nginx
vulnerability in NGINX servers versions 0.6.18–1.20.0. The scr...
NGINX ngx_mail_smtp_module vulnerability
...
njs through 0.4.3, used in NGINX, has an out-of-bounds read in njs_lvlhsh_level_find in njs_lvlhsh.c.
...
VulnCheck KEV: CVE-2023-50919
An issue was discovered on GL.iNet devices before version 4.5.0. There is an NGINX authentication bypass via Lua string pattern matching. This affects A1300 4.4.6, AX1800 4.4.6, AXT1800 4.4.6, MT3000 4.4.6, MT2500 4.4.6, MT6000 4.5.0, MT1300 4.3.7, MT300N-V2 4.3.7, AR750S 4.3.7, AR750 4.3.7, AR30...
SUSE SLES15 / openSUSE 15 : Recommended update for nginx (SUSE-SU-2025:03039-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2025:03039-1 advisory. - Drop root priviledges while running logrotate bsc1246090 Tenable has extracted the preceding description block directly fro...
Recommended update for nginx
This update for nginx fixes the following issues: Drop root priviledges while running logrotate bsc1246090 Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or "zypper patch". Alternatively you can run the command listed for your...
SUSE-SU-2025:03039-1 Recommended update for nginx
This update for nginx fixes the following issues: - Drop root priviledges while running logrotate bsc1246090...
Linux Distros Unpatched Vulnerability : CVE-2025-53859
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authenticati...
CVE-2025-48360
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching vcaching allows Stored XSS.This issue affects Varnish/Nginx Proxy Caching: from n/a through = 1.8.3...
Versity panic induced by AWS chunked data sent to port
Sending AWS chunk data with no Content-Length HTTP header causes the panic, every time. Reproduction Setup versity server running on port 7071, no SSL for ease of packet tracing with tshark. Problem can be reproduced with or without SSL on the versity end. Use nginx to reverse proxy on port 7070...
GO-2025-3896 Default Credentials in nginx-defender Configuration Files in github.com/Anipaleja/nginx-defender
Default Credentials in nginx-defender Configuration Files in github.com/Anipaleja/nginx-defender...
OESA-2025-2089 nginx security update
NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...
OESA-2025-2088 nginx security update
NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...
OESA-2025-2087 nginx security update
NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...
OESA-2025-2086 nginx security update
NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...
CVE-2025-48360
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching vcaching allows Stored XSS.This issue affects Varnish/Nginx Proxy Caching: from n/a through = 1.8.3...
CVE-2025-48360 WordPress Varnish/Nginx Proxy Caching plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching vcaching allows Stored XSS.This issue affects Varnish/Nginx Proxy Caching: from n/a through = 1.8.3...
CVE-2025-48360 WordPress Varnish/Nginx Proxy Caching plugin <= 1.8.3 - Cross Site Scripting (XSS) vulnerability
Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in Razvan Stanga Varnish/Nginx Proxy Caching allows Stored XSS. This issue affects Varnish/Nginx Proxy Caching: from n/a through 1.8.3...
CVE-2025-48360
CVE-2025-48360 affects the WordPress Varnish/Nginx Proxy Caching plugin (versions up to 1.8.3). The issue is an improper neutralization of input during web page generation, leading to stored XSS. Public sources in the connected data confirm this vulnerability, its association with the plugin, and...
WordPress plugin Varnish/Nginx Proxy Caching 跨站脚本漏洞
WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a blogging platform developed using the PHP language. The platform supports setting up personal blog sites on servers with PHP and MySQL.WordPress plugin is an application plugin. A cross-site scripting...