| CVE ID | Title | Vendor | Product | Severity | CVSS Score | Published At | AI Analysis |
|---|---|---|---|---|---|---|---|
| CVE-2024-10318 | NGINX OpenID Connect Vulnerability | F5 | NGINX OpenID Connect | Medium | 5.4 | 2024-11-06 16:48:56 | Deep Dive |
| CVE-2024-49368 | Unchecked logrotate settings lead to arbitrary command execution | 0xJacky | nginx-ui | - | - | 2024-10-21 17:04:44 | Deep Dive |
| CVE-2024-49367 | Nginx UI's log path can be controlled | 0xJacky | nginx-ui | - | - | 2024-10-21 16:24:57 | Deep Dive |
| CVE-2024-49366 | Nginx UI's json field can construct a directory traversal payload, causing arbitrary files to be written | 0xJacky | nginx-ui | - | - | 2024-10-21 16:12:00 | Deep Dive |
| CVE-2024-7634 | NGINX Agent Vulnerability | F5 | NGINX Agent | Medium | 4.9 | 2024-08-22 18:07:31 | Deep Dive |
| CVE-2024-7646 | Ingress NGINX Controller 安全漏洞 | Kubernetes | ingress-nginx | High | 8.8 | 2024-08-16 17:36:54 | Deep Dive |
| CVE-2024-39792 | NGINX Plus MQTT vulnerability | F5 | NGINX Plus | High | 7.5 | 2024-08-14 14:32:34 | Deep Dive |
| CVE-2024-7347 | NGINX MP4 module vulnerability | F5 | NGINX Open Source | Medium | 4.7 | 2024-08-14 14:32:34 | Deep Dive |
| CVE-2024-34161 | NGINX HTTP/3 QUIC vulnerability | F5 | NGINX Open Source | Medium | 5.3 | 2024-05-29 16:02:06 | Deep Dive |
| CVE-2024-31079 | NGINX HTTP/3 QUIC vulnerability | F5 | NGINX Open Source | Medium | 4.8 | 2024-05-29 16:02:05 | Deep Dive |
| CVE-2024-32760 | NGINX HTTP/3 QUIC vulnerability | F5 | NGINX Open Source | Medium | 6.5 | 2024-05-29 16:02:05 | Deep Dive |
| CVE-2024-35200 | NGINX HTTP/3 QUIC vulnerability | F5 | NGINX Open Source | Medium | 5.3 | 2024-05-29 16:02:05 | Deep Dive |
| CVE-2024-24989 | NGINX HTTP/3 QUIC vulnerability | F5 | NGINX Plus | High | 7.5 | 2024-02-14 16:30:26 | Deep Dive |
| CVE-2024-24990 | NGINX HTTP/3 QUIC vulnerability | F5 | NGINX Plus | High | 7.5 | 2024-02-14 16:30:26 | Deep Dive |
| CVE-2024-23828 | Nginx-UI authenticated RCE through injecting into the application config via CRLF | 0xJacky | nginx-ui | High | 8.8 | 2024-01-29 16:49:51 | Deep Dive |
| CVE-2024-23827 | Nginx-UI arbitrary file write through the Import Certificate feature | 0xJacky | nginx-ui | Critical | 9.8 | 2024-01-29 16:07:14 | Deep Dive |
| CVE-2024-22198 | Authenticated (user role) arbitrary command execution by modifying `start_cmd` setting (GHSL-2023-268) | 0xJacky | nginx-ui | High | 7.1 | 2024-01-11 19:38:27 | Deep Dive |
| CVE-2024-22196 | Authenticated (user role) SQL injection in `OrderAndPaginate` (GHSL-2023-270) | 0xJacky | nginx-ui | High | 7.0 | 2024-01-11 19:24:08 | Deep Dive |
| CVE-2024-22197 | Authenticated (user role) remote command execution by modifying `nginx` settings (GHSL-2023-269) | 0xJacky | nginx-ui | High | 7.7 | 2024-01-11 17:56:12 | Deep Dive |
| CVE-2023-5044 | Code injection via nginx.ingress.kubernetes.io/permanent-redirect annotation | Kubernetes | ingress-nginx | High | 7.6 | 2023-10-25 19:19:08 | Deep Dive |