Deploy tCell More Easily With the New AWS AMI Agent

Rapid7's tCell is a powerful tool that allows you to monitor risk and protect web applications and APIs in real time. Great! It's a fundamental part of our push to make web application security as strong and comprehensive as it needs to be in an age when web application attacks account for roughl...

Exploit for Integer Overflow or Wraparound in F5 Nginx

CVE-2017-7529 Nginx versions since 0.5.6 up to and including 1...

Juniper Releases Patches for Critical Flaws in Junos OS and Contrail Networking

Juniper Networks has pushed security updates to address several vulnerabilities affecting multiple products, some of which could be exploited to seize control of affected systems. The most critical of the flaws affect Junos Space and Contrail Networking, with the tech company urging customers to...

Nginx 安全漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx, Inc. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in Nginx NJS 0.7.5, which stems from a segmentation violation in...

Nginx 安全漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx, Inc. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in Nginx NJS 0.7.5, which stems from a segmentation violation in...

Nginx 安全漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx, Inc. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in Nginx NJS 0.7.5, which stems from a segmentation violation in...

Nginx 安全漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx, Inc. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in Nginx NJS 0.7.4, which stems from a segmentation violation in...

Nginx 缓冲区错误漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx, Inc. njs is a scripting language component that extends the functionality of NGINX. A security vulnerability exists in Nginx NJS 0.7.4, which stems from an out-of-bounds read of njsscopevalue in th...

PT-2022-3708 · Nginx · Nginx Njs

Name of the Vulnerable Software and Affected Versions: Nginx NJS version 0.7.4 Description: The issue is related to a buffer overflow in the njs value property function of the njs interpreter in the Nginx server. This could allow a remote attacker to execute arbitrary code. The problem is caused ...

Nginx 安全漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx Inc. in the United States. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in Nginx NJS version v0.7.5, which stems from...

Fedora: Security Advisory for goloris (FEDORA-2022-3969b64d4b)

The remote host is missing an update for the Copyright C 2022 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

CVE-2021-40150

The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or /conf/fastcgi.conf URI...

CVE-2021-40150

The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or /conf/fastcgi.conf URI...

Design/Logic Flaw

The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or /conf/fastcgi.conf URI...

CVE-2021-40150

Reolink E1 Zoom Camera

CVE-2021-40150

The web server of the E1 Zoom camera through 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or /conf/fastcgi.conf URI...

[SECURITY] Fedora 35 Update: goloris-0-0.6.20200326gita59fafb.fc35

Slowloris for NGINX DoS. Written in go...

[SECURITY] Fedora 35 Update: golang-github-path-network-mmproxy-2.1-3.fc35

go-mmproxy is a standalone application that unwraps HAProxy's PROXY protocol also adopted by other projects such as NGINX so that the network connection to the end server comes from client's - instead of proxy server's - IP address and port number...

CVE-2022-31161

Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocessexecute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 contains a patch for...

Security fix for the ALT Linux 9 package nginx version 1.22.0-alt1

1.22.0-alt1 built July 15, 2022 Anton Farygin in task 303522 July 12, 2022 Anton Farygin - 1.22.0 Fixes: CVE-2021-3618...