Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nginx vulnerabilities and exploits
(subscribe to this query)
2.1
CVSSv2
CVE-2022-30503
Nginx NJS v0.7.2 exists to contain a segmentation violation in the function njs_set_number at src/njs_value.h.
Nginx Njs 0.7.2
2.1
CVSSv2
CVE-2022-29780
Nginx NJS v0.7.2 exists to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array.c.
Nginx Njs 0.7.2
5
CVSSv2
CVE-2022-29169
BigBlueButton is an open source web conferencing system. Versions starting with 2.2 and before 2.3.19, 2.4.7, and 2.5.0-beta.2 are vulnerable to regular expression denial of service (ReDoS) attacks. By using specific a RegularExpression, an attacker can cause denial of service fo...
Bigbluebutton Bigbluebutton 2.5
Bigbluebutton Bigbluebutton
7.5
CVSSv2
CVE-2022-29379
Nginx NJS v0.7.3 exists to contain a stack overflow in the function njs_default_module_loader at /src/njs/src/njs_module.c. NOTE: multiple third parties dispute this report, e.g., the behavior is only found in unreleased development code that was not part of the 0.7.2, 0.7.3, or ...
F5 Njs 0.7.3
5
CVSSv2
CVE-2022-29588
Konica Minolta bizhub MFP devices prior to 2022-04-14 use cleartext password storage for the /var/log/nginx/html/ADMINPASS and /etc/shadow files.
Konicaminolta Bizhub 226i Firmware
Konicaminolta Bizhub 227 Firmware
Konicaminolta Bizhub 246i Firmware
Konicaminolta Bizhub 287 Firmware
Konicaminolta Bizhub 306i Firmware
Konicaminolta Bizhub 308 Firmware
Konicaminolta Bizhub 308e Firmware
Konicaminolta Bizhub 367 Firmware
Konicaminolta Bizhub 368 Firmware
Konicaminolta Bizhub 368e Firmware
Konicaminolta Bizhub 4052 Firmware
Konicaminolta Bizhub 458 Firmware
Konicaminolta Bizhub 458e Firmware
Konicaminolta Bizhub 4752 Firmware
Konicaminolta Bizhub 558 Firmware
Konicaminolta Bizhub 558e Firmware
Konicaminolta Bizhub 658e Firmware
Konicaminolta Bizhub 758 Firmware
Konicaminolta Bizhub 808 Firmware
Konicaminolta Bizhub 958 Firmware
Konicaminolta Bizhub C227 Firmware
Konicaminolta Bizhub C250i Firmware
5
CVSSv2
CVE-2022-29369
Nginx NJS v0.7.2 exists to contain a segmentation violation via njs_lvlhsh_bucket_find at njs_lvlhsh.c.
F5 Njs 0.7.2
5.5
CVSSv2
CVE-2021-25745
A security issue exists in ingress-nginx where a user that can create or update ingress objects can use the spec.rules[].http.paths[].path field of an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In t...
Kubernetes Ingress-nginx
5.5
CVSSv2
CVE-2021-25746
A security issue exists in ingress-nginx where a user that can create or update ingress objects can use .metadata.annotations in an Ingress object (in the networking.k8s.io or extensions API group) to obtain the credentials of the ingress-nginx controller. In the default configur...
Kubernetes Ingress-nginx
3.3
CVSSv2
CVE-2022-27495
On all versions 1.3.x (fixed in 1.4.0) NGINX Service Mesh control plane endpoints are exposed to the cluster overlay network. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated
F5 Nginx Service Mesh 1.3.1
F5 Nginx Service Mesh 1.3.0
4
CVSSv2
CVE-2021-23055
On version 2.x prior to 2.0.3 and 1.x prior to 1.12.3, the command line restriction that controls snippet use with NGINX Ingress Controller does not apply to Ingress objects. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Nginx Ingress Controller
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
4
5
6
7
8
9
10
NEXT »