Lucene search
K

846 matches found

RedHat Linux
RedHat Linux
added 2026/03/31 4:54 a.m.3 views

Moderate: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

8.2CVSS5.9AI score0.00339EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/03/31 4:54 a.m.9 views

nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections

A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...

8.2CVSS5.8AI score0.00339EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/31 4:46 a.m.3 views

nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections

A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...

8.2CVSS5.8AI score0.00339EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/31 4:46 a.m.4 views

Moderate: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

8.2CVSS5.9AI score0.00339EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.8 views

RHEL 9 : nginx (RHSA-2026:6234)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6234 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.1 views

RHEL 9 : nginx (RHSA-2026:6235)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6235 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/31 12:0 a.m.9 views

MiracleLinux 9 : nginx-1.20.1-24.el9_7.1.ML.1 (AXSA:2026-364:01)

The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-364:01 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/03/30 3:3 p.m.3 views

nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections

A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...

8.2CVSS5.8AI score0.00339EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/30 3:3 p.m.4 views

Moderate: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...

8.2CVSS5.9AI score0.00339EPSS
Exploits0References2
OSV
OSV
added 2026/03/30 11:49 a.m.3 views

BIT-PRESTASHOP-2026-33673 PrestaShop has multiple stored XSS vulnerabilities via unprotected Template variables

PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 are vulnerable to stored Cross-Site Scripting stored XSS vulnerabilities in the BO. An attacker who can inject data into the database, via limited back-office access or a previously existing vulnerability,...

7.6CVSS5.9AI score0.0027EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/30 12:0 a.m.9 views

RHEL 9 : nginx (RHSA-2026:6182)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6182 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References5
Microsoft CVE
Microsoft CVE
added 2026/03/29 8:1 a.m.6 views

Flannel vulnerable to cross-node remote code execution via extension backend BackendData injection

...

8.8CVSS5.8AI score0.02709EPSS
Exploits0
OSV
OSV
added 2026/03/27 12:7 p.m.5 views

RLSA-2026:4705 Moderate: nginx security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...

5.9CVSS5.9AI score0.00339EPSS
Exploits0References2
Rockylinux
Rockylinux
added 2026/03/27 12:7 p.m.4 views

nginx security update

An update is available for nginx. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nginx is a web and proxy server supporting HTTP and other protocols, with a...

8.2CVSS5.9AI score0.00339EPSS
Exploits0
RedhatCVE
RedhatCVE
added 2026/03/26 2:59 p.m.6 views

CVE-2026-31856

Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A SQL injection vulnerability exists in the PostgreSQL storage adapter when processing Increment operations on nested object fields using dot notation e.g., stats.counter. The amount value is...

9.8CVSS6AI score0.00418EPSS
Exploits0References1
Tenable Nessus
Tenable Nessus
added 2026/03/26 12:0 a.m.8 views

AlmaLinux 9 : nginx (ALSA-2026:5599)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5599 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/26 12:0 a.m.6 views

AlmaLinux 8 : nginx:1.24 (ALSA-2026:5581)

The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5581 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2026/03/25 9:22 p.m.8 views

CVE-2025-14684 IBM Maximo Application Suite - Monitor Component uses Log Forging which is vulnerable to .

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...

4CVSS5.9AI score0.00135EPSS
Exploits0References1
CVE
CVE
added 2026/03/25 9:22 p.m.9 views

CVE-2025-14684

CVE-2025-14684 affects IBM Maximo Application Suite - Monitor Component. Root cause: improper neutralization of special elements when written to log files, enabling log forgery. Affected versions: Monitor Component 8.10, 8.11, 9.0, 9.1. Remediation/fixes: update to Monitor Component versions 8.10...

4CVSS5.8AI score0.00135EPSS
Exploits0References1Affected Software1
Cvelist
Cvelist
added 2026/03/25 9:22 p.m.20 views

CVE-2025-14684 IBM Maximo Application Suite - Monitor Component uses Log Forging which is vulnerable to .

IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...

4CVSS0.00135EPSS
Exploits0References1
Rows per page
Query Builder