Vulnerabilities > F5 > Nginx Plus > r32

DATE CVE VULNERABILITY TITLE RISK
2024-08-14 CVE-2024-39792 Operation on a Resource after Expiration or Release vulnerability in F5 Nginx Plus R30/R31/R32
When the NGINX Plus is configured to use the MQTT pre-read module, undisclosed requests can cause an increase in memory resource utilization.  Note: Software versions which have reached End of Technical Support (EoTS) are not evaluated.
network
low complexity
f5 CWE-672
7.5
2024-08-14 CVE-2024-7347 Out-of-bounds Read vulnerability in F5 Nginx Open Source and Nginx Plus
NGINX Open Source and NGINX Plus have a vulnerability in the ngx_http_mp4_module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file.
local
high complexity
f5 CWE-125
4.7