6254 matches found
FreeBSD : nginx-devel -- SSL session reuse vulnerability (9761af78-e3e4-11ef-9f4a-589cfc10a551)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the 9761af78-e3e4-11ef-9f4a-589cfc10a551 advisory. The nginx development team reports: This update fixes the SSL session reuse vulnerability. Tenable has...
CVE-2024-22197
Nginx-ui is online statistics for Server Indicators Monitor CPU usage, memory usage, load average, and disk usage in real-time. The Home Preference page exposes a small list of nginx settings such as Nginx Access Log Path and Nginx Error Log Path. However, the API also exposes testconfigcmd,...
CVE-2024-22198
Nginx-UI is a web interface to manage Nginx configurations. It is vulnerable to arbitrary command execution by abusing the configuration settings. The Home Preference page exposes a list of system settings such as Run Mode, Jwt Secret, Node Secret and Terminal Start Command. While the UI doesn't...
CVE-2024-22196
Nginx-UI is an online statistics for Server Indicators Monitor CPU usage, memory usage, load average, and disk usage in real-time. This issue may lead to information disclosure. By using DefaultQuery, the "desc" and "id" values are used as default values if the query parameters are not set. Thu...
CVE-2024-53991
Discourse is an open source platform for community discussion. This vulnerability only impacts Discourse instances configured to use FileStore::LocalStore which means uploads and backups are stored locally on disk. If an attacker knows the name of the Discourse backup file, the attacker can trick...
Security Bulletin: Vulnerabilities in Node.js, Golang Go, HTTP/2, NGINX, OpenSSH, Linux kernel might affect IBM Spectrum Protect Plus
Summary IBM Spectrum Protect Plus can be affected by vulnerabilities in Node.js, Golang Go, HTTP/2, NGINX, OpenSSH and Linux. Vulnerabilities include, causing a denial-of-service condition, the elevation of privileges, remote execution of arbitrary code, HTTP header injection, HTML injection,...
openSUSE: Security Advisory for nginx (SUSE-SU-2025:0282-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Advisory (SUSE-SU-2025:0283-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2025:0282-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for nginx
This update for nginx fixes the following issues: CVE-2023-44487: Mitigate HTTP/2 Rapid Reset Attack bsc1216171 CVE-2024-7347: Fixed worker crashes on special crafted mp4 files containing invalid chunk information bsc1229155 Patch Instructions: To install this SUSE update use the SUSE recommended...
SUSE-SU-2025:0283-1 Security update for nginx
This update for nginx fixes the following issues: - CVE-2023-44487: Mitigate HTTP/2 Rapid Reset Attack bsc1216171 - CVE-2024-7347: Fixed worker crashes on special crafted mp4 files containing invalid chunk information bsc1229155...
Security update for nginx
This update for nginx fixes the following issues: CVE-2023-44487: Mitigate HTTP/2 Rapid Reset Attack bsc1216171 CVE-2024-7347: Fixed worker crashes on special crafted mp4 files containing invalid chunk information bsc1229155 Patch Instructions: To install this SUSE update use the SUSE recommended...
SUSE-SU-2025:0282-1 Security update for nginx
This update for nginx fixes the following issues: - CVE-2023-44487: Mitigate HTTP/2 Rapid Reset Attack bsc1216171 - CVE-2024-7347: Fixed worker crashes on special crafted mp4 files containing invalid chunk information bsc1229155...
SUSE SLES15 Security Update : nginx (SUSE-SU-2025:0282-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0282-1 advisory. - CVE-2023-44487: Mitigate HTTP/2 Rapid Reset Attack bsc1216171 - CVE-2024-7347: Fixed worker crashes on special crafted mp4 files...
SUSE SLES15 / openSUSE 15 Security Update : nginx (SUSE-SU-2025:0283-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2025:0283-1 advisory. - CVE-2023-44487: Mitigate HTTP/2 Rapid Reset Attack bsc1216171 - CVE-2024-7347: Fixed worker crashes on special...
Security Bulletin: A vulnerability in nginx affects IBM Robotic Process Automatin for Cloud Pak and may result in a denial of service (CVE-2024-7347)
Summary A vulnerability in nginx affects IBM Robotic Process Automatin for Cloud Pak and may result in a denial of service. nginx is used by IBM Robotic Process Automation as part of it's container deployment. This bulletin identifies the security fix to apply to address the vulnerability...
Security Bulletin: IBM InfoSphere Information Server is affected by a vulnerability in Kubernetes ingress-nginx (CVE-2024-7646)
Summary A vulnerability in Kubernetes ingress-nginx that is used by InfoSphere Information Server was addressed. Vulnerability Details CVEID:CVE-2024-7646 DESCRIPTION: Kubernetes ingress-nginx could allow a remote authenticated attacker to execute arbitrary commands on the system, caused by an...
CVE-2024-45336 vulnerabilities
Vulnerabilities for packages: kapp, restic-fips, http-echo, kube-bench, postgres-operator-fips, rabbitmq-messaging-topology-operator, kube-state-metrics, kapp-controller-fips, rclone-fips, git-lfs, fq, prometheus-beat-exporter-fips, flux-kustomize-controller-fips, kserve-modelmesh-serving,...
CVE-2025-23776
Missing Authorization vulnerability in ekaterir Cache Sniper for Nginx snipe-nginx-cache allows Exploiting Incorrectly Configured Access Control Security Levels.This issue affects Cache Sniper for Nginx: from n/a through = 1.0.4.2...
CVE-2025-23776
In the provided documents, no public technical details (affected product/version/root cause/impact/fix) are disclosed for CVE-2025-23776. Descriptions are generic; monitor for future updates from official advisories (Red Hat, others) before any risk assessment or remediation is possible.