Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nginx vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2021-40150
The web server of the E1 Zoom camera up to and including 3.0.0.716 discloses its configuration via the /conf/ directory that is mapped to a publicly accessible path. In this way an attacker can download the entire NGINX/FastCGI configurations by querying the /conf/nginx.conf or /...
Reolink E1 Zoom Firmware
NA
CVE-2022-31161
Roxy-WI is a Web interface for managing HAProxy, Nginx and Keepalived servers. Prior to version 6.1.1.0, the system command can be run remotely via the subprocess_execute function without processing the inputs received from the user in the /app/options.py file. Version 6.1.1.0 co...
Roxy-wi Roxy-wi
10
CVSSv2
CVE-2022-31137
Roxy-WI is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. Versions before 6.1.1.0 are subject to a remote code execution vulnerability. System commands can be run remotely via the subprocess_execute function without processing the inputs received from...
Roxy-wi Roxy-wi
7.5
CVSSv2
CVE-2022-31125
Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated malicious user to bypass authentication and access admin functionality by sending a specially crafted HTTP request. This...
Roxy-wi Roxy-wi
7.5
CVSSv2
CVE-2022-31126
Roxy-wi is an open source web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A vulnerability in Roxy-wi allows a remote, unauthenticated malicious user to code execution by sending a specially crafted HTTP request to /app/options.py file. This affects Roxy-...
Roxy-wi Roxy-wi
6.4
CVSSv2
CVE-2022-31081
HTTP::Daemon is a simple http server class written in perl. Versions before 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applicati...
Http\\ \\ Daemon Project
Debian Debian Linux 10.0
4.3
CVSSv2
CVE-2022-31306
Nginx NJS v0.7.2 exists to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c.
F5 Njs 0.7.2
4.3
CVSSv2
CVE-2022-31307
Nginx NJS v0.7.2 exists to contain a segmentation violation in the function njs_string_offset at src/njs_string.c.
F5 Njs 0.7.2
4.3
CVSSv2
CVE-2022-32414
Nginx NJS v0.7.2 exists to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c.
F5 Njs 0.7.2
2.1
CVSSv2
CVE-2022-29779
Nginx NJS v0.7.2 exists to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c.
Nginx Njs 0.7.2
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »