SUSE SLES15 Security Update : nginx (SUSE-SU-2019:0334-1)

This update for nginx to version 1.14.2 fixes the following issues : Security vulnerabilities addressed : CVE-2018-16843 CVE-2018-16844: Fixed an issue whereby a client using HTTP/2 might cause excessive memory consumption and CPU usage bsc1115025 bsc1115022. CVE-2018-16845: Fixed an issue which...

SUSE-SU-2019:0334-1 Security update for nginx

This update for nginx to version 1.14.2 fixes the following issues: Security vulnerabilities addressed: - CVE-2018-16843 CVE-2018-16844: Fixed an issue whereby a client using HTTP/2 might cause excessive memory consumption and CPU usage bsc1115025 bsc1115022. - CVE-2018-16845: Fixed an issue whic...

CVE-2019-7401

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service router process crash or possibly have unspecified other impact...

Heap overflow

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service router process crash or possibly have unspecified other impact...

CVE-2019-7401

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service router process crash or possibly have unspecified other impact...

CVE-2019-7401

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service router process crash or possibly have unspecified other impact...

CVE-2019-7401

NGINX Unit is affected by CVE-2019-7401: a heap-based buffer overflow in the router process when handling specially-crafted requests. Exploitation can cause a denial of service (router process crash) and may have unspecified other impact. Affected is Unit versions before 1.7.1. Reported remediati...

PT-2019-1582 · Nginx · Nginx Unit

Name of the Vulnerable Software and Affected Versions: NGINX Unit versions prior to 1.7.1 Description: The issue is caused by a heap-based buffer overflow in the router process, potentially allowing an attacker to cause a denial of service router process crash or possibly have other unspecified...

Photon OS 1.0: Nginx PHSA-2016-0012

An update of the nginx package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2016-0012. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121651;...

Photon OS 1.0: Nginx PHSA-2018-1.0-0201

An update of the nginx package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2018-1.0-0201. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121900...

Photon OS 2.0: Nginx PHSA-2019-2.0-0117

An update of the nginx package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2019-2.0-0117. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid122023...

RedELK - Easy Deployable Tool For Red Teams Used For Tracking And Alarming About Blue Team Activities As Well As Better Usability In Long Term Operations

Red Team's SIEM - easy deployable tool for Red Teams used for tracking and alarming about Blue Team activities as well as better usability for the Red Team in long term operations. Initial public release at BruCON 2018: Video: https://www.youtube.com/watch?v=OjtftdPts4g Presentation slides:...

PHP Uber-style GeoTracking 1.1 SQL Injection

Exploit Title: PHP Uber-style GeoTracking 1.1 - SQL Injection Dork: N/A Date: 2019-01-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://dataninja.biz Software Link: https://codecanyon.net/item/php-uberstyle-geotracking/20320021 Version: 1.1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...

PHP Uber-style GeoTracking 1.1 - SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: PHP Uber-style GeoTracking 1.1 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://dataninja.biz Software Link: https://codecanyon.net/item/php-uberstyle-geotracking/20320021 Version: 1.1 Category: Webapps Teste...

PHP Dashboards NEW 5.8 - dashID SQL Injection Vulnerability

Exploit for php platform in category web applications Exploit Title: PHP Dashboards NEW 5.8 - SQL Injection Exploit Author: Ihsan Sencan Vendor Homepage: http://dataninja.biz Software Link: https://codecanyon.net/item/php-dashboards-v50-brand-new-enterprise-edition/21540104 Version: 5.8 Category:...

PHP Uber-style GeoTracking 1.1 - SQL Injection

Exploit Title: PHP Uber-style GeoTracking 1.1 - SQL Injection Dork: N/A Date: 2019-01-21 Exploit Author: Ihsan Sencan Vendor Homepage: http://dataninja.biz Software Link: https://codecanyon.net/item/php-uberstyle-geotracking/20320021 Version: 1.1 Category: Webapps Tested on: WiN7x64/KaLiLinuXx64...

Wallarm to Sponsor AppSec Cali

If you are a SecOps or DevOps professional on the west coast you can not miss the premier California application security event: AppSec California, January 22–25th in Santa Monica. Here are testimonials from the previous AppSec Cali events: “I'm looking forward to AppSecCali next week. Last year...

Denial Of Service (DoS)

nginx is vulnerable to denial of service. The implementation of HTTP/2, when compiled with ngxhttpv2module and if the http2 option of the listen directive is used in a configuration file, contains a vulnerability which would allow an attacker to crash the service from excessive memory consumption...

Denial Of Service (DoS)

nginx is vulnerable to denial of service. An attacker is able to cause a infinite loop or a memory disclosure in ngxhttpmp4module via a malicious mp4 file...

Information Disclosure

rh-nginx110-nginx is vulnerable to information disclosure attacks. The vulnerability exists as nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by...