Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
nginx vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-25748
A security issue exists in ingress-nginx where a user that can create or update ingress objects can use a newline character to bypass the sanitization of the `spec.rules[].http.paths[].path` field of an Ingress object (in the `networking.k8s.io` or `extensions` API group) to obta...
Kubernetes Ingress-nginx
8.1
CVSSv3
CVE-2023-28656
NGINX Management Suite may allow an authenticated malicious user to gain access to configuration objects outside of their assigned environment. Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
F5 Nginx Instance Manager
F5 Nginx Security Monitoring
F5 Nginx Api Connectivity Manager
7.1
CVSSv3
CVE-2023-28724
NGINX Management Suite default file permissions are set such that an authenticated attacker may be able to modify sensitive files on NGINX Instance Manager and NGINX API Connectivity Manager. Note: Software versions which have reached End of Technical Support (EoTS) are not eval...
F5 Nginx Instance Manager
F5 Nginx Security Monitoring
F5 Nginx Api Connectivity Manager
6.5
CVSSv3
CVE-2023-29004
hap-wi/roxy-wi is a web interface for managing Haproxy, Nginx, Apache and Keepalived servers. A Path Traversal vulnerability was found in the current version of Roxy-WI (6.3.9.0 at the moment of writing this report). The vulnerability can be exploited via an HTTP request to /app/...
Roxy-wi Roxy-wi
7.5
CVSSv3
CVE-2023-27728
Nginx NJS v0.7.10 exists to contain a segmentation violation via the function njs_dump_is_recursive at src/njs_vmcode.c.
F5 Njs 0.7.10
7.5
CVSSv3
CVE-2023-27727
Nginx NJS v0.7.10 exists to contain a segmentation violation via the function njs_function_frame at src/njs_function.h.
F5 Njs 0.7.10
7.5
CVSSv3
CVE-2023-27729
Nginx NJS v0.7.10 exists to contain an illegal memcpy via the function njs_vmcode_return at src/njs_vmcode.c.
F5 Njs 0.7.10
7.5
CVSSv3
CVE-2023-27730
Nginx NJS v0.7.10 exists to contain a segmentation violation via the function njs_lvlhsh_find at src/njs_lvlhsh.c.
F5 Njs 0.7.10
9.8
CVSSv3
CVE-2020-19695
Buffer Overflow found in Nginx NJS allows a remote malicious user to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function.
Nginx Njs 2019-06-27
Nginx Njs
9.8
CVSSv3
CVE-2020-19692
Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote malicious user to execute arbitrary code via the njs_module_read in the njs_module.c file.
Nginx Njs 2019-06-27
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »