Lucene search
K

846 matches found

EUVD
EUVD
added 2026/03/25 6:31 p.m.4 views

EUVD-2026-15553

NVIDIA Megatron-LM for all platforms contains a vulnerability in a script, where malicious data created by an attacker may cause a code injection issue. A successful exploit of this vulnerability may lead to code execution, escalation of privileges, information disclosure, data tampering...

8.6CVSS7.1AI score0.00291EPSS
Exploits0References3
Oracle linux
Oracle linux
added 2026/03/25 12:0 a.m.12 views

nginx security update

1.20.1-24.0.1.el97.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 - Update upstream references Orabug: 36579090 2:1.20.1-24.1 - Resolves: RHEL-146525 - nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connection...

8.2CVSS6AI score0.01069EPSS
Exploits2
Tenable Nessus
Tenable Nessus
added 2026/03/25 12:0 a.m.6 views

Oracle Linux 9 : nginx (ELSA-2026-5599)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5599 advisory. - Resolves: RHEL-146525 - nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 - Resolves: RHEL-84477 - nginx:...

8.2CVSS6.8AI score0.01069EPSS
Exploits2References2
RedHat Linux
RedHat Linux
added 2026/03/24 10:39 a.m.13 views

nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections

A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...

8.2CVSS6AI score0.00339EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/24 10:39 a.m.4 views

Moderate: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 9. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the...

8.2CVSS6AI score0.00339EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2026/03/24 10:36 a.m.11 views

nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections

A flaw was found in NGINX. When NGINX is configured to proxy to upstream Transport Layer Security TLS servers, An attacker with a man-in-the-middle MITM position on the upstream server side—along with conditions beyond the attacker's control—may be able to inject plain text data into the response...

8.2CVSS6AI score0.00339EPSS
Exploits0References5
RedHat Linux
RedHat Linux
added 2026/03/24 10:36 a.m.3 views

Moderate: Red Hat Security Advisory: nginx:1.24 security update

An update for the nginx:1.24 module is now available for Red Hat Enterprise Linux 8. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...

8.2CVSS6AI score0.00339EPSS
Exploits0References2
OSV
OSV
added 2026/03/24 12:0 a.m.2 views

ALSA-2026:5599 Moderate: nginx security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...

8.2CVSS5.9AI score0.00339EPSS
Exploits0References4
OSV
OSV
added 2026/03/24 12:0 a.m.2 views

ALSA-2026:5581 Moderate: nginx:1.24 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...

8.2CVSS5.9AI score0.00339EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/03/24 12:0 a.m.6 views

Moderate: nginx security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...

8.2CVSS6AI score0.00339EPSS
Exploits0References4
AlmaLinux
AlmaLinux
added 2026/03/24 12:0 a.m.11 views

Moderate: nginx:1.24 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 For more details about the security issues,...

8.2CVSS6AI score0.00339EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2026/03/24 12:0 a.m.11 views

Oracle Linux 8 : nginx:1.24 (ELSA-2026-5581)

The remote Oracle Linux 8 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5581 advisory. - Resolves: RHEL-146517 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 - Resolves: RHEL-12728 -...

8.2CVSS7AI score0.99999EPSS
Exploits29References2
Tenable Nessus
Tenable Nessus
added 2026/03/24 12:0 a.m.5 views

RHEL 9 : nginx (RHSA-2026:5599)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5599 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2026/03/24 12:0 a.m.28 views

RHEL 8 : nginx:1.24 (RHSA-2026:5581)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:5581 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References5
Oracle linux
Oracle linux
added 2026/03/24 12:0 a.m.12 views

nginx:1.24 security update

1.24.0-2.0.1 - Remove Red Hat references Orabug: 29498217 1:1.24.0-2 - Resolves: RHEL-146517 - nginx:1.24/nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 1:1.24.0-1 - Resolves: RHEL-14714 - add nginx:1.24 to RHEL 8.10 1:1.22.1-2 - Resolves:...

8.2CVSS6AI score0.99999EPSS
Exploits29
Tenable Nessus
Tenable Nessus
added 2026/03/23 12:0 a.m.4 views

Siemens APE1808 Insertion of Sensitive Information into Sent Data (CVE-2024-46665)

An insertion of sensitive information into sent data vulnerability CWE-201 in FortiOS 7.6.0, 7.4.0 through 7.4.4 may allow an attacker in a man-in-the-middle position to retrieve the RADIUS accounting server shared secret via intercepting accounting-requests. This plugin only works with Tenable.o...

3.7CVSS5.9AI score0.00523EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/03/20 12:0 a.m.7 views

AlmaLinux 10 : nginx (ALSA-2026:4705)

The remote AlmaLinux 10 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:4705 advisory. nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 Tenable has extracted the preceding description block directly...

8.2CVSS6.1AI score0.00339EPSS
Exploits0References3
OSV
OSV
added 2026/03/18 1:31 p.m.6 views

USN-8106-1 valkey vulnerabilities

It was discovered that Valkey incorrectly handled errors for lua scripts. An attacker could possibly use this issue to inject arbitrary information into the response stream for other clients. CVE-2025-67733 It was discovered that Valkey incorrectly handled malformed cluster bus messages. A remote...

8.5CVSS5.9AI score0.00586EPSS
Exploits0References3
ATTACKERKB
ATTACKERKB
added 2026/03/17 9:44 a.m.3 views

CVE-2026-3633

A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the soupmessagenew function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF Carriage Return Line Feed injection, occurs because the method value is not properly...

3.9CVSS5.9AI score0.00223EPSS
Exploits1References4
Vulnrichment
Vulnrichment
added 2026/03/17 9:44 a.m.3 views

CVE-2026-3633 Libsoup: libsoup: header and http request injection via crlf injection

A flaw was found in libsoup. A remote attacker, by controlling the method parameter of the soupmessagenew function, could inject arbitrary headers and additional request data. This vulnerability, known as CRLF Carriage Return Line Feed injection, occurs because the method value is not properly...

3.9CVSS5.9AI score0.00223EPSS
Exploits1References3
Rows per page
Query Builder