Lucene search
K

14 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.13 views

TencentOS Server 4: nginx (TSSA-2026:0279)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0279 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities:...

6.3CVSS6AI score0.00371EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/03 12:0 a.m.5 views

Fedora 42 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2025-8caa129b2e)

The remote Fedora 42 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-8caa129b2e advisory. Changes with nginx 1.28.1 23 Dec 2025 Security: processing of a specially crafted login/password when using the none authentication method in the...

6.3CVSS5.6AI score0.00371EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2026/01/02 12:0 a.m.6 views

Fedora 43 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2025-8aa169ea14)

The remote Fedora 43 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-8aa169ea14 advisory. Changes with nginx 1.28.1 23 Dec 2025 Security: processing of a specially crafted login/password when using the none authentication method in the...

6.3CVSS5.6AI score0.00371EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/12/26 12:0 a.m.4 views

Fedora 44 : nginx / nginx-mod-brotli / nginx-mod-fancyindex / etc (2025-530e10091c)

The remote Fedora 44 host has packages installed that are affected by a vulnerability as referenced in the FEDORA-2025-530e10091c advisory. Changes with nginx 1.28.1 23 Dec 2025 Security: processing of a specially crafted login/password when using the none authentication method in the...

6.3CVSS5.6AI score0.00371EPSS
Exploits0References2
EUVD
EUVD
added 2025/11/11 12:41 a.m.2 views

EUVD-2025-53859

Malicious code in immense-aquamarine-mouse npm...

6.6AI score
Exploits0
OpenVAS
OpenVAS
added 2025/10/23 12:0 a.m.7 views

Mageia: Security Advisory (MGASA-2025-0245)

The remote host is missing an update for the SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

6.3CVSS6.8AI score0.00371EPSS
Exploits0References4
Mageia
Mageia
added 2025/10/22 8:7 p.m.8 views

Updated nginx package fixes security vulnerability

It was discovered that nginx contains a security issue in the ngxmailsmtpmodule which might allow an attacker to cause buffer over-read potentially resulting in sensitive information leak in a HTTP request to the authentication server CVE-2025-53859...

6.3CVSS7AI score0.00371EPSS
Exploits0References2
CBLMariner
CBLMariner
added 2025/10/03 3:8 p.m.7 views

CVE-2025-53859 affecting package nginx for versions less than 1.22.1-14

CVE-2025-53859 affecting package nginx for versions less than 1.22.1-14. A patched version of the package is available...

6.3CVSS6.5AI score0.00371EPSS
Exploits0
OSV
OSV
added 2025/08/29 11:18 a.m.6 views

OESA-2025-2089 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

6.3CVSS7.3AI score0.00371EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/22 12:0 a.m.26 views

nginx 0.7.22 < 1.29.1 Information Disclosure

According to its Sever response header, the installed version of nginx is 0.7.22 prior to 1.29.1. It is, therefore, affected by the following issue : - NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SM...

6.3CVSS5.8AI score0.00371EPSS
Exploits0References3
Amazon
Amazon
added 2025/08/19 12:0 a.m.5 views

Low: nginx

Issue Overview: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server...

6.3CVSS7.3AI score0.00371EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/19 12:0 a.m.12 views

Amazon Linux 2 : nginx, --advisory ALAS2NGINX1-2025-009 (ALASNGINX1-2025-009)

The version of nginx installed on the remote host is prior to 1.28.0-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NGINX1-2025-009 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to...

6.3CVSS5.8AI score0.00371EPSS
Exploits0References4
Circl
Circl
added 2025/08/13 4:14 p.m.11 views

CVE-2025-53859

creationtimestamp| type| source ---|---|--- 2025-08-13 16:14:44+00:00| seen| https://seclists.org/oss-sec/2025/q3/98 2025-08-13 18:50:27+00:00| seen| https://bsky.app/profile/infosec.skyfleet.blue/post/3lwcikot7oi22 2025-08-14 22:03:28+00:00| seen|...

6.3CVSS4.7AI score0.00371EPSS
Exploits0References13
NVD
NVD
added 2025/08/13 3:15 p.m.6 views

CVE-2025-53859

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS0.00371EPSS
Exploits0References2
Rows per page
Query Builder