Security Bulletin: IBM Watson Discovery for IBM Cloud Pak for Data affected by vulnerability in Nginx

Summary IBM Watson Discovery for IBM Cloud Pak for Data contains a vulnerable version of Nginx Vulnerability Details CVEID:CVE-2024-32760 DESCRIPTION: F5 NGINX Plus and NGINX Open Source are vulnerable to a denial of service, caused by a flaw when configured to use the HTTP/3 QUIC module. By...

CVE-2024-43804 OS Command Injection via Port Scan Functionality in Roxy-WI

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. An OS Command Injection vulnerability allows any authenticated user on the application to execute arbitrary code on the web application server via port scanning functionality. User-supplied input is used withou...

CVE-2024-43804 OS Command Injection via Port Scan Functionality in Roxy-WI

Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. An OS Command Injection vulnerability allows any authenticated user on the application to execute arbitrary code on the web application server via port scanning functionality. User-supplied input is used withou...

SUSE CVE-2024-7646

A security issue was discovered in ingress-nginx where an actor with permission to create Ingress objects in the networking.k8s.io or extensions API group can bypass annotation validation to inject arbitrary commands and obtain the credentials of the ingress-nginx controller. In the default...

ROS-20240827-15

A vulnerability in the ngxhttpv4module module of the NGINX Plus and NGINX OSS web servers is related to reading out-of-bounds memory. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected information...

Exploit for Unprotected Alternate Channel in Rockwellautomation Allen-Bradley_Stratix_5200_Firmware

CVE-2023-20198 Exploit PoC for CVE-2023-20198 Description...

[SECURITY] Fedora 40 Update: nginx-mod-fancyindex-0.5.2-7.fc40

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

[SECURITY] Fedora 40 Update: nginx-mod-vts-0.2.2-9.fc40

Nginx virtual host traffic status module...

[SECURITY] Fedora 40 Update: nginx-mod-naxsi-1.6-6.fc40

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

[SECURITY] Fedora 40 Update: nginx-mod-modsecurity-1.0.3-13.fc40

The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...

[SECURITY] Fedora 40 Update: nginx-1.26.2-1.fc40

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

[SECURITY] Fedora 39 Update: nginx-mod-vts-0.2.2-9.fc39

Nginx virtual host traffic status module...

[SECURITY] Fedora 39 Update: nginx-mod-naxsi-1.6-6.fc39

naxsi is an nginx module that provides score based Web Application Firewall WAF abilities in a highly granular fashion...

[SECURITY] Fedora 39 Update: nginx-1.26.2-1.fc39

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

[SECURITY] Fedora 39 Update: nginx-mod-fancyindex-0.5.2-5.fc39

The Fancy Index module makes possible the generation of file listings, like the built-in autoindex module does, but adding a touch of style. This is possible because the module allows a certain degree of customization of the generated content: Custom headers. Either local or stored remotely. Cust...

[SECURITY] Fedora 39 Update: nginx-mod-modsecurity-1.0.3-13.fc39

The ModSecurity-nginx connector is the connection point between nginx and libmodsecurity ModSecurity v3. Said another way, this project provides a communication channel between nginx and libmodsecurity. This connector is required to use LibModSecurity with nginx. The ModSecurity-nginx connector...

Fedora 39 : nginx / nginx-mod-fancyindex / nginx-mod-modsecurity / etc (2024-8ba5080dfa)

The remote Fedora 39 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2024-8ba5080dfa advisory. Security: processing of a specially crafted mp4 file by the ngxhttpmp4module might cause a worker process crash CVE-2024-7347. Thanks to Nils Bars. Tenable h...

Fedora: Security Advisory for nginx-mod-naxsi (FEDORA-2024-8ba5080dfa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for nginx-mod-vts (FEDORA-2024-6ba57fd2a3)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Fedora: Security Advisory for nginx-mod-fancyindex (FEDORA-2024-8ba5080dfa)

The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...