6249 matches found
Nginx < 1.13.3 Integer Overflow
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is 1.13.3. It is, therefore, affected by an integer overflow vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the application's...
Nginx < 1.11.1 NULL Pointer Dereference
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is 1.11.1. It is, therefore, affected by a NULL pointer dereference vulnerability. Note that the scanner has not tested for these issues but has instead relied only on the...
Nginx < 1.7.4 SMTP STARTTLS Command Injection
According to the self-reported version in the server response header, the version of nginx installed on the remote host is 1.5.6 or higher, 1.6.x prior to 1.6.1, or 1.7.x prior to 1.7.4. It is, therefore, affected by a command injection vulnerability. A flaw exists in the function...
Nginx < 1.8.1 Multiple Vulnerabilities
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is less than 1.8.1 or 1.9.x prior to 1.9.10. It is, therefore, affected by multiple vulnerabilities as noted in the vendor advisory. Note that the scanner has not tested for these...
Nginx 1.9.x < 1.9.6 HTTPv2 PRI Double-Free DoS
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is 1.9.x prior to 1.9.6. It is, therefore, affected by a denial of service vulnerability due to a double-free memory error in the HTTPv2 module that is triggered when handling certa...
Nginx < 1.6.2 SSL Session Reuse
According to the self-reported version in the server response header, the version of nginx installed on the remote host is 0.5.6 or higher, 1.6.x prior to 1.6.2, or 1.7.x prior to 1.7.5. It is, therefore, affected by an SSL session or TLS session ticket key handling error. A flaw exists in the fi...
Nginx < 1.6.1 SMTP STARTTLS Command Injection
According to the self-reported version in the server response header, the version of nginx installed on the remote host is 1.5.6 or higher, 1.6.x prior to 1.6.1, or 1.7.x prior to 1.7.4. It is, therefore, affected by a command injection vulnerability. A flaw exists in the function...
Nginx < 1.4.7 SPDY Heap Buffer Overflow
According to the self-reported version in the server response header, the installed 1.3.x version of nginx is 1.3.15 or higher, or 1.4.x prior to 1.4.7, or 1.5.x prior to 1.5.12. It is, therefore, affected by a heap buffer overflow vulnerability. A flaw exists with the SPDY protocol implementatio...
Nginx < 1.5.12 SPDY Heap Buffer Overflow
According to the self-reported version in the server response header, the installed 1.3.x version of nginx is 1.3.15 or higher, or 1.4.x prior to 1.4.7, or 1.5.x prior to 1.5.12. It is, therefore, affected by a heap buffer overflow vulnerability. A flaw exists with the SPDY protocol implementatio...
Nginx < 1.4.1 ngx_http_proxy_module.c Multiple Vulnerabilities
According to its Server response header, the installed version of nginx is greater than or equal to 1.1.4 and prior to 1.2.9, or greater than or equal to 1.3.0 and prior to 1.4.1. It is, therefore, affected by multiple vulnerabilities: - A stack-based buffer overflow in 'ngx_http_parse.c' may allo...
nginx < 1.10.1 / 1.11.x < 1.11.1 Denial-of-Service Vulnerability
According to the self-reported version in its response header, the version of nginx hosted on the remote web server is less than 1.10.1, or 1.11.x less than 1.11.1. It is, therefore, affected by a denial of service vulnerability...
nginx Data Disclosure Vulnerability
According to its Server response header, the installed version of nginx is prior to 1.12.1 or 1.13.x prior to 1.13.3. It is, therefore, affected by an integer overflow vulnerability in the range filter module. An unauthenticated, remote attacker can exploit this, via a specially crafted request t...
FLIR Systems FLIR Thermal Traffic Cameras RTSP Stream Disclosure
FLIR Systems FLIR Thermal Traffic Cameras RTSP Stream Disclosure Vendor: FLIR Systems, Inc. Product web page: https://www.flir.com Affected firmware version: V1.01-0bb5b27 TrafiOne Codename: TrafiOne E1.00.09 TI BPL2 EDGE Codename: TIIP4EDGE V1.02.P01 TI x-stream Codename: TIIP2 V1.05.P01 ThermiC...
Wallarm Kubernetes Ingress Controller
Kubernetes is a popular technology which aims to improve how containers, microservices and other distributed components are managed across varied infrastructure. Since it was first announced by Google in 2014, it has grown in adoption and is now one of the leading systems for automated deployment...
Nginx Default Index Page
The scanner has detected Nginx default index pages on the remote web server. This could potentially leak useful information about the server installation to a remote, unauthenticated attacker. No source data...
ZZCMS SQL Injection Vulnerability (CNVD-2018-15848)
ZZCMS is a CMS Content Management System used to quickly build Merchants type websites. A SQL injection vulnerability exists in line 5 of the zt/top.php file in ZZCMS 8.3 and earlier versions. A remote attacker can exploit this vulnerability by running ZZCMS in nginx to execute arbitrary SQL...
CVE-2018-1000653
zzcms version 8.3 and earlier contains a SQL Injection vulnerability in zt/top.php line 5 that can result in SQL injection in zzcms in nginx. This attack appears to be exploitable via running zzcms in nginx...
Sql injection
zzcms version 8.3 and earlier contains a SQL Injection vulnerability in zt/top.php line 5 that can result in SQL injection in zzcms in nginx. This attack appears to be exploitable via running zzcms in nginx...
Photon OS 1.0: Dnsmasq / Grub2 / Haproxy / Linux / Nginx / Vim / Wget / Zookeeper PHSA-2016-0012 (deprecated)
An update of linux, wget, vim, grub2, zookeeper, nginx, dnsmasq, haproxy packages for PhotonOS has been released. Disabled on 2/7/2019. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory...