846 matches found
Moderate: Red Hat Security Advisory: nginx security update
An update for nginx is now available for Red Hat Enterprise Linux 9.4 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections
A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...
nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections
A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...
Moderate: Red Hat Security Advisory: nginx security update
An update for nginx is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...
RHEL 9 : nginx (RHSA-2026:6234)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6234 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...
RHEL 9 : nginx (RHSA-2026:6235)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6235 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...
MiracleLinux 9 : nginx-1.20.1-24.el9_7.1.ML.1 (AXSA:2026-364:01)
The remote MiracleLinux 9 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2026-364:01 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block...
nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections
A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...
Moderate: Red Hat Security Advisory: nginx security update
An update for nginx is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for ea...
BIT-PRESTASHOP-2026-33673 PrestaShop has multiple stored XSS vulnerabilities via unprotected Template variables
PrestaShop is an open source e-commerce web application. Versions prior to 8.2.5 and 9.1.0 are vulnerable to stored Cross-Site Scripting stored XSS vulnerabilities in the BO. An attacker who can inject data into the database, via limited back-office access or a previously existing vulnerability,...
RHEL 9 : nginx (RHSA-2026:6182)
The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:6182 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...
Flannel vulnerable to cross-node remote code execution via extension backend BackendData injection
...
RLSA-2026:4705 Moderate: nginx security update
nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...
nginx security update
An update is available for nginx. This update affects Rocky Linux 10. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list nginx is a web and proxy server supporting HTTP and other protocols, with a...
CVE-2026-31856
Parse Server is an open source backend that can be deployed to any infrastructure that can run Node.js. A SQL injection vulnerability exists in the PostgreSQL storage adapter when processing Increment operations on nested object fields using dot notation e.g., stats.counter. The amount value is...
AlmaLinux 9 : nginx (ALSA-2026:5599)
The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5599 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...
AlmaLinux 8 : nginx:1.24 (ALSA-2026:5581)
The remote AlmaLinux 8 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:5581 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...
CVE-2025-14684 IBM Maximo Application Suite - Monitor Component uses Log Forging which is vulnerable to .
IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...
CVE-2025-14684
CVE-2025-14684 affects IBM Maximo Application Suite - Monitor Component. Root cause: improper neutralization of special elements when written to log files, enabling log forgery. Affected versions: Monitor Component 8.10, 8.11, 9.0, 9.1. Remediation/fixes: update to Monitor Component versions 8.10...
CVE-2025-14684 IBM Maximo Application Suite - Monitor Component uses Log Forging which is vulnerable to .
IBM Maximo Application Suite - Monitor Component 9.1, 9.0, 8.11, and 8.10 could allow an unauthorized user to inject data into log messages due to improper neutralization of special elements when written to log files...