23 matches found
Security Bulletin: Multiple Vulnerabilities in IBM Engineering AI hub.
Summary Multiple vulnerabilities were addressed in IBM Engineering AI Hub version 1.2.0. Vulnerability Details CVEID:CVE-2026-0540 DESCRIPTION: DOMPurify 3.1.3 through 3.3.1 and 2.5.3 through 2.5.8, fixed in commit 2726c74, contain a cross-site scripting vulnerability that allows attackers to...
EUVD-2019-16943
Malware in sbrugna...
EUVD-2025-7410
Malicious code in bioql PyPI...
unit-java -- security vulnerability
F5 reports: When NGINX Unit with the Java Language Module is in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization...
FreeBSD : unit-java -- security vulnerability (f6ca7c47-9190-11f0-b8da-589cfc10a551)
The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the f6ca7c47-9190-11f0-b8da-589cfc10a551 advisory. F5 reports: When NGINX Unit with the Java Language Module is in use, undisclosed requests can lead to a...
BIT-NGINX-2025-1695 NGINX Unit Java Vulnerability
In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service DoS. There...
CVE-2025-1695
In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service DoS. There...
CVE-2025-1695
In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service DoS. There...
CVE-2025-1695
In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service DoS. There...
CVE-2025-1695
NGINX Unit 1.34.2+ with the Java Language Module is affected by CVE-2025-1695. In versions prior to 1.34.2, undisclosed requests can trigger an infinite loop, increasing CPU utilization and causing a limited denial-of-service on the data plane. The issue is a data-plane degradation with no contro...
CVE-2025-1695 NGINX Unit Java Vulnerability
In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service DoS. There...
CVE-2025-1695 NGINX Unit Java Vulnerability
In NGINX Unit before version 1.34.2 with the Java Language Module in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. This vulnerability allows a remote attacker to cause a degradation that can lead to a limited denial-of-service DoS. There...
F5 NGINX Unit 安全漏洞
F5 NGINX Unit is a multilingual dynamic application server from F5 Corporation. The product supports a RESTful JSON API to run applications built using multiple languages and frameworks. A security vulnerability exists in F5 NGINX Unit prior to version 1.34.2, which stems from an infinite loop th...
K000149959: NGINX Unit vulnerability CVE-2025-1695
Security Advisory Description When NGINX Unit with the Java Language Module is in use, undisclosed requests can lead to an infinite loop and cause an increase in CPU resource utilization. CVE-2025-1695 Impact System performance can degrade due to high CPU utilization. This vulnerability allows a...
SUSE CVE-2019-7401
NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service router process crash or possibly have unspecified other impact...
Security Bulletin: Aspera Shares application is affected by multiple NGINX Vulnerabilities (CVE-2019-12206, CVE-2019-12207, CVE-2019-12208, CVE-2019-13617, CVE-2018-16845, CVE-2018-16843, CVE-2019-7401)
Summary IBM Aspera Shares has addressed the following NGINX vulnerabilities. Vulnerability Details CVEID: CVE-2019-7401 DESCRIPTION: NGINX Unit is vulnerable to a denial of service, caused by a heap-based buffer overflow in the router process. By sending a specially-crafted request, a remote...
NGINX Unit 0.x > 0.3 / 1.x < 1.7.1 Heap Buffer Overflow (CVE-2019-7401)
According to the self-reported version in its response header, the version of NGINX Unit hosted on the remote web server is 0.x later than 0.3 or 1.x prior to 1.7.1. It is, therefore, affected by a heap buffer overflow vulnerability in the router process. An unauthenticated, remote attacker can...
NGINX Unit HTTP Server Detection
Nessus was able to detect the NGINX Unit HTTP server by looking at the HTTP banner on the remote host. C Tenable Network Security, Inc. include"compat.inc"; if description scriptid124336; scriptversion"1.4"; scriptsetattributeattribute:"pluginmodificationdate", value:"2022/10/12";...
The vulnerability of the Nginx Unit application server arises from overflow in the dynamic memory buffer, allowing attackers to cause service failures.
The vulnerability of the Nginx Unit application server arises from overflowing buffers in dynamic memory. Exploiting this vulnerability allows a malicious actor to cause service failures through a specially crafted request...
CVE-2019-7401
NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service router process crash or possibly have unspecified other impact...