Lucene search
K

848 matches found

Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.4 views

RHEL 9 : nginx:1.24 (RHSA-2026:3638)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:3638 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.4 views

AlmaLinux 9 : nginx:1.24 (ALSA-2026:3638)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:3638 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/05 12:0 a.m.4 views

Oracle Linux 9 : nginx:1.24 (ELSA-2026-3638)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-3638 advisory. - Resolves: RHEL-146526 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 - Resolves: RHEL-84480 -...

8.2CVSS6.8AI score0.00339EPSS
Exploits0References2
CNNVD
CNNVD
added 2026/03/04 12:0 a.m.8 views

Nozomi Networks Arc 信任管理问题漏洞

Nozomi Networks Arc is an endpoint detection and response proxy software developed by Nozomi Networks, Inc. Nozomi Networks Arc has a vulnerability related to trust management. This vulnerability arises from the lack of server certificate verification during the Arc agent’s connection process. It...

6.5CVSS5.8AI score0.00111EPSS
Exploits0References1
Oracle linux
Oracle linux
added 2026/03/04 12:0 a.m.91 views

nginx:1.24 security update

1.24.0-5.1.0.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 1:1.24.0-5.1 - Resolves: RHEL-146526 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 1:1.24.0-5 - Resolves:...

8.2CVSS5.9AI score0.00339EPSS
Exploits0
RedHat Linux
RedHat Linux
added 2026/03/03 11:35 a.m.3 views

nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections

A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...

8.2CVSS5.8AI score0.00339EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/03 11:35 a.m.8 views

Moderate: Red Hat Security Advisory: nginx:1.24 security update

An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References2
OSV
OSV
added 2026/03/03 12:0 a.m.4 views

ALSA-2026:3638 Moderate: nginx:1.24 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...

8.2CVSS5.8AI score0.00339EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/03/03 12:0 a.m.10 views

Moderate: nginx:1.24 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...

8.2CVSS5.9AI score0.00339EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2026/03/01 1:43 a.m.5 views

CVE-2026-28408

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionartipodocsatendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like...

9.8CVSS6AI score0.00514EPSS
Exploits1References1
Packet Storm News
Packet Storm News
added 2026/02/28 12:0 a.m.8 views

Time Stepped Cyber Physical Simulation of DoS, DoD, and FDI Attacks on the IEEE 14 Bus System

Reliable grid operation depends on accurate and timely telemetry, making modern power systems vulnerable to communication layer cyberattacks. This paper evaluates how Denial of Service DoS, Denial of Data DoD, and False Data Injection FDI attacks disrupt the IEEE 14 bus system using a MATLAB only...

5.9AI score
Exploits0
NVD
NVD
added 2026/02/27 10:16 p.m.10 views

CVE-2026-28408

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionartipodocsatendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like...

9.8CVSS0.00514EPSS
Exploits1References1
OSV
OSV
added 2026/02/27 9:49 p.m.7 views

CVE-2026-28408 WeGIA lacks authentication verification in adicionar_tipo_docs_atendido.php

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionartipodocsatendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like...

9.8CVSS6AI score0.00514EPSS
Exploits1References3
Cvelist
Cvelist
added 2026/02/27 9:49 p.m.34 views

CVE-2026-28408 WeGIA lacks authentication verification in adicionar_tipo_docs_atendido.php

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionartipodocsatendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like...

9.8CVSS0.00514EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2026/02/27 9:49 p.m.5 views

CVE-2026-28408 WeGIA lacks authentication verification in adicionar_tipo_docs_atendido.php

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionartipodocsatendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like...

9.8CVSS6AI score0.00514EPSS
Exploits1References1
ATTACKERKB
ATTACKERKB
added 2026/02/27 9:49 p.m.6 views

CVE-2026-28408

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionartipodocsatendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like...

9.8CVSS6AI score0.00514EPSS
Exploits1References2Affected Software1
CVE
CVE
added 2026/02/27 9:49 p.m.16 views

CVE-2026-28408

WeGIA web manager vulnerability in file adicionar_tipo_docs_atendido.php : before version 3.6.5, the script bypassed the central controller and lacked authentication/permission checks, allowing external actors to access employee-only features and inject unauthorized data into storage. No exploita...

9.8CVSS6AI score0.00514EPSS
Exploits1References1Affected Software1
EUVD
EUVD
added 2026/02/27 9:49 p.m.10 views

EUVD-2026-9079

WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the script in adicionartipodocsatendido.php does not go through the project's central controller and does not have its own authentication and permission checks. A malicious user could make a request through tools like...

9.8CVSS6AI score0.00514EPSS
Exploits1References1
F5 Networks
F5 Networks
added 2026/02/27 1:10 a.m.13 views

K000160172: PostgreSQL vulnerability CVE-2025-8714

Security Advisory Description Untrusted data inclusion in pgdump in PostgreSQL allows a malicious superuser of the origin server to inject arbitrary code for restore-time execution as the client operating system account running psql to restore the dump, via psql meta-commands. pgdumpall is also...

8.8CVSS6.1AI score0.00709EPSS
Exploits1
Positive Technologies
Positive Technologies
added 2026/02/27 12:0 a.m.9 views

PT-2026-22411

Name of the Vulnerable Software and Affected Versions WeGIA versions prior to 3.6.5 Description WeGIA is a web manager for charitable institutions. Prior to version 3.6.5, the adicionar tipo docs atendido.php script does not utilize the project’s central controller and lacks appropriate...

9.8CVSS5.9AI score0.00514EPSS
Exploits1References13
Rows per page
Query Builder