6254 matches found
F5 Nginx 安全漏洞
F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 USA, distributed under the BSD-like protocol. A security vulnerability exists in F5 Nginx, which stems from a vulnerability that could allow an attacker to cause it to terminate by over-reading NGIN...
F5 Nginx 安全漏洞
F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 USA, distributed under the BSD-like protocol. A security vulnerability exists in F5 Nginx, which stems from the possibility that undisclosed requests may result in increased memory resource...
nginx -- Vulnerability in the ngx_http_mp4_module
The nginx development team reports: This update fixes the buffer overread vulnerability in the ngxhttpmp4module...
PT-2024-5858
Name of the Vulnerable Software and Affected Versions NGINX Open Source and NGINX Plus versions prior to 1.26.2 NGINX Open Source and NGINX Plus versions prior to 1.27.1 Description The issue is related to a buffer overread vulnerability in the ngx http mp4 module, which might allow an attacker t...
Security Bulletin: IBM Cloud Pak for Data is vulnerable to several issues due to go modules used in nginx ( CVE-2023-24532, CVE-2022-41724, CVE-2022-41725, CVE-2022-41723 )
Summary Nginx is used by IBM Cloud Pak for Data as part of the web interface. CVE-2023-24532, CVE-2022-41724, CVE-2022-41725, CVE-2022-41723. Vulnerability Details CVEID:CVE-2023-24532 DESCRIPTION: An unspecified error with return an incorrect result in the ScalarMult and ScalarBaseMult methods o...
ROS-20240725-01
Vulnerability of HTTP/3 QUIC module ngxhttpv3module of NGINX Plus and NGINX OSS web servers is related to null pointer dereferencing. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service. remotely to cause a denial of service using specially craft...
Exploit for Command Injection in Nginxui Nginx_Ui
CVE-2024-22198 - authenticated remote code execution in Nginx-...
Photon OS 3.0: Nginx PHSA-2022-3.0-0481
An update of the nginx package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0481. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 4.0: Nginx PHSA-2024-4.0-0638
An update of the nginx package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-4.0-0638. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Nginx PHSA-2024-5.0-0302
An update of the nginx package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2024-5.0-0302. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 3.0: Nginx PHSA-2022-3.0-0382
An update of the nginx package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2022-3.0-0382. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 3.0: Nginx PHSA-2023-3.0-0606
An update of the nginx package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0606. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Nginx PHSA-2023-5.0-0078
An update of the nginx package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0078. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 5.0: Nginx PHSA-2023-5.0-0123
An update of the nginx package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0123. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 3.0: Nginx PHSA-2023-3.0-0672
An update of the nginx package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-3.0-0672. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
Photon OS 4.0: Nginx PHSA-2023-4.0-0495
An update of the nginx package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-4.0-0495. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
CVE-2020-24347 affecting package nginx for versions less than 1.25.4-1
CVE-2020-24347 affecting package nginx for versions less than 1.25.4-1. A patched version of the package is available...
CVE-2024-41668
The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery SSRF attack. Logged in users...
CVE-2024-41668
The CVE-2024-41668 affects cBioPortal for Cancer Genomics. A publicly exposed proxy endpoint without authentication allows Server-Side Request Forgery (SSRF); logged-in users can exploit this on private instances too. A fix is available in version 6.0.12. As a workaround, disable the /proxy endpo...
CVE-2024-41668 cBioPortal Proxy Endpoint Vulnerabliity
The cBioPortal for Cancer Genomics provides visualization, analysis, and download of large-scale cancer genomics data sets. When running a publicly exposed proxy endpoint without authentication, cBioPortal could allow someone to perform a Server Side Request Forgery SSRF attack. Logged in users...