Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
f5 nginx 1.3.0 vulnerabilities and exploits
(subscribe to this query)
445
VMScore
CVE-2011-4963
nginx/Windows 1.3.x prior to 1.3.1 and 1.2.x prior to 1.2.1 allows remote malicious users to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.
F5 Nginx
F5 Nginx 1.3.0
294
VMScore
CVE-2022-27495
On all versions 1.3.x (fixed in 1.4.0) NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
F5 Nginx Service Mesh 1.3.1
F5 Nginx Service Mesh 1.3.0
668
VMScore
CVE-2013-0337
The default configuration of nginx, possibly 1.3.13 and previous versions, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.
F5 Nginx
F5 Nginx 1.2.0
F5 Nginx 1.1.9
F5 Nginx 1.1.8
F5 Nginx 1.1.7
F5 Nginx 1.1.12
F5 Nginx 1.1.11
F5 Nginx 1.1.10
F5 Nginx 1.1.1
F5 Nginx 1.0.11
F5 Nginx 1.0.10
F5 Nginx 1.0.1
F5 Nginx 1.0.0
F5 Nginx 1.3.8
F5 Nginx 1.3.7
F5 Nginx 1.3.6
F5 Nginx 1.3.5
F5 Nginx 1.1.2
F5 Nginx 1.1.19
F5 Nginx 1.1.18
F5 Nginx 1.1.17
F5 Nginx 1.0.5
516
VMScore
CVE-2013-2070
http/modules/ngx_http_proxy_module.c in nginx 1.1.4 up to and including 1.2.8 and 1.3.0 up to and including 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote malicious users to cause a denial of service (crash) and obtain sensitive information from worker ...
F5 Nginx
Debian Debian Linux 6.0
Debian Debian Linux 7.0
NA
CVE-2023-44487
The HTTP/2 protocol allows a denial of service (server resource consumption) because request cancellation can reset many streams quickly, as exploited in the wild in August through October 2023.
Ietf Http 2.0
Nghttp2 Nghttp2
Netty Netty
Envoyproxy Envoy 1.27.0
Envoyproxy Envoy 1.26.4
Envoyproxy Envoy 1.25.9
Envoyproxy Envoy 1.24.10
Eclipse Jetty
Caddyserver Caddy
Golang Http2
Golang Go
Golang Networking
F5 Big-ip Analytics
F5 Big-ip Policy Enforcement Manager
F5 Big-ip Local Traffic Manager
F5 Big-ip Link Controller
F5 Big-ip Global Traffic Manager
F5 Big-ip Fraud Protection Service
F5 Big-ip Domain Name System
F5 Big-ip Application Security Manager
F5 Big-ip Application Acceleration Manager
F5 Big-ip Advanced Firewall Manager
34 Github repositories
2 Articles
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-27322
cross-site request forgery
unauthorized
CVE-2024-33925
reflected XSS
CVE-2023-51580
CVE-2023-51579
CVE-2015-2051
CVE-2023-51609
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started