6251 matches found
CVE-2019-15517
jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal...
CVE-2019-15517
jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal...
Directory traversal
jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal...
CVE-2019-15517
jc21 Nginx Proxy Manager before 2.0.13 allows %2e%2e%2f directory traversal...
CVE-2019-15517
jc21 Nginx Proxy Manager
Debian DSA-4505-1 : nginx - security update (0-Length Headers Leak) (Data Dribble) (Resource Loop)
Three vulnerabilities were discovered in the HTTP/2 code of Nginx, a high-performance web and reverse proxy server, which could result in denial of service. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Debian Security Advisory DSA-450...
[SECURITY] [DSA 4505-1] nginx security update
------------------------------------------------------------------------- Debian Security Advisory DSA-4505-1 [email protected] https://www.debian.org/security/ Moritz Muehlenhoff August 22, 2019 https://www.debian.org/security/faq -...
[SECURITY] Fedora 30 Update: nginx-1.16.1-1.fc30
Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...
The vulnerability relates to the implementation of the HTTP/2 network protocol on Windows operating systems, nginx servers, network programming tools like netty, Envoy, SwiftNIO, and Node.js software platforms. This allows attackers to induce service failures.
The vulnerability of the HTTP/2 network protocol implementation in Windows operating systems, nginx servers, network programming tools like Netty, Envoy, SwiftNIO, and Node.js software platforms is related to an uncontrolled resource consumption. Exploiting this vulnerability can allow a maliciou...
Fedora 30 : 1:nginx (2019-befd924cfe) (0-Length Headers Leak) (Data Dribble) (Resource Loop)
Fixes CVE-2019-9511, CVE-2019-9513, CVE-2019-9516 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. ...
DSA-4505-1 nginx - security update
Bulletin has no description...
Nginx 1.9.5 < 1.16.1 Multiple Vulnerabilties
According to its Server response header, the installed version of nginx is 1.9.5 to 1.16.0 or 1.17.x prior to 1.17.3. It is, therefore, affected by the following issues : - An excessive CPU usage in HTTP/2 with small window updates exists related to the module 'ngxhttpv2module'. CVE-2019-9511 - A...
Nginx 1.17.x < 1.17.3 Multiple Vulnerabilties
According to its Server response header, the installed version of nginx is 1.9.5 to 1.16.0 or 1.17.x prior to 1.17.3. It is, therefore, affected by the following issues : - An excessive CPU usage in HTTP/2 with small window updates exists related to the module 'ngxhttpv2module'. CVE-2019-9511 - A...
FreeBSD : NGINX -- Multiple vulnerabilities (87679fcb-be60-11e9-9051-4c72b94353b5) (0-Length Headers Leak) (Data Dribble) (Resource Loop)
NGINX Team reports : Several security issues were identified in nginx HTTP/2 implementation which might cause excessive memory consumption and CPU usage CVE-2019-9511, CVE-2019-9513, CVE-2019-9516. The issues affect nginx compiled with the ngxhttpv2module not compiled by default if the http2 opti...
Ubuntu 16.04 LTS / 18.04 LTS : nginx vulnerabilities (USN-4099-1)
The remote Ubuntu 16.04 LTS / 18.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-4099-1 advisory. Jonathan Looney discovered that nginx incorrectly handled the HTTP/2 implementation. A remote attacker could possibly use this issue to consu...
Joomla com_jsjobs 1.2.6 component - Arbitrary File Deletion Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! component comjsjobs 1.2.6 - Arbitrary File Deletion Dork: inurl:"index.php?option=comjsjobs" Exploit Author: qw3rTyTy Vendor Homepage: https://www.joomsky.com/ Software Link: https://www.joomsky.com/5/download/1 Version:...
Ubuntu: Security Advisory (USN-4099-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2019 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
nginx 1.9.5 < 1.16.1 / 1.17.x < 1.17.3 Multiple Vulnerabilities
According to its Server response header, the installed version of nginx is 1.9.5 prior to 1.16.1 or 1.17.x prior to 1.17.3. It is, therefore, affected by multiple denial of service vulnerabilities : - A denial of service vulnerability exists in the HTTP/2 protocol stack due to improper handling o...
[ASA-201908-13] nginx: denial of service
Arch Linux Security Advisory ASA-201908-13 ========================================== Severity: Medium Date : 2019-08-16 CVE-ID : CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 Package : nginx Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1023 Summary ======= The...
[ASA-201908-12] nginx-mainline: denial of service
Arch Linux Security Advisory ASA-201908-12 ========================================== Severity: Medium Date : 2019-08-16 CVE-ID : CVE-2019-9511 CVE-2019-9513 CVE-2019-9516 Package : nginx-mainline Type : denial of service Remote : Yes Link : https://security.archlinux.org/AVG-1022 Summary =======...