Lucene search
+L

443 matches found

Tenable Nessus
Tenable Nessus
added 2025/08/30 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2019-16748

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In wolfSSL through 4.1.0, there is a missing sanity check of memory accesses in parsing ASN.1 certificate data while handshaking. Specifically, there is a...

9.8CVSS8.4AI score0.01154EPSS
Exploits0References2
OSV
OSV
added 2025/08/29 11:18 a.m.6 views

OESA-2025-2089 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

6.3CVSS7.3AI score0.00394EPSS
Exploits0References2
OSV
OSV
added 2025/08/29 11:18 a.m.5 views

OESA-2025-2088 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

6.3CVSS7.3AI score0.00394EPSS
Exploits0References2
OSV
OSV
added 2025/08/29 11:18 a.m.7 views

OESA-2025-2087 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

6.3CVSS7.3AI score0.00394EPSS
Exploits0References2
OSV
OSV
added 2025/08/29 11:18 a.m.6 views

OESA-2025-2086 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication...

6.3CVSS7.3AI score0.00394EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2025/08/27 12:0 a.m.2 views

Linux Distros Unpatched Vulnerability : CVE-2025-20234

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability in Universal Disk Format UDF processing of ClamAV could allow an unauthenticated, remote attacker to cause a denial of service DoS condition on ...

7.5CVSS7.4AI score0.00663EPSS
Exploits0References2
OSV
OSV
added 2025/08/18 8:7 a.m.55 views

BIT-NGINX-2025-53859 NGINX ngx_mail_smtp_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS7.5AI score0.00394EPSS
Exploits0References3
Amazon
Amazon
added 2025/08/18 12:0 a.m.6 views

Low: nginx

Issue Overview: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server...

6.3CVSS7.2AI score0.00394EPSS
Exploits0
OSV
OSV
added 2025/08/13 3:15 p.m.6 views

CVE-2025-53859

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS7.5AI score
Exploits0References2
OSV
OSV
added 2025/08/13 3:15 p.m.5 views

ALPINE-CVE-2025-53859

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS5.5AI score0.00394EPSS
Exploits0References1
OSV
OSV
added 2025/08/13 3:15 p.m.6 views

AZL-66311 CVE-2025-53859 affecting package nginx for versions less than 1.25.4-5

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS5.9AI score0.00394EPSS
Exploits0References1
OSV
OSV
added 2025/08/13 3:15 p.m.6 views

DEBIAN-CVE-2025-53859

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS5.7AI score0.00394EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/08/13 2:46 p.m.5 views

CVE-2025-53859 NGINX ngx_mail_smtp_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS7.5AI score0.00394EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/08/13 2:46 p.m.23 views

CVE-2025-53859 NGINX ngx_mail_smtp_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS0.00394EPSS
Exploits0References1
CVE
CVE
added 2025/08/13 2:46 p.m.145 views

CVE-2025-53859

Technical details about CVE-2025-53859 are not provided in the connected documents. The initial description notes an over-read in NGINX SMTP authentication, but no technical specifics are included here. Monitor for updates.

6.3CVSS7.5AI score0.00394EPSS
Exploits0References2Affected Software1
Debian CVE
Debian CVE
added 2025/08/13 2:46 p.m.7 views

CVE-2025-53859

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS5.7AI score0.00394EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2025/08/10 12:0 a.m.3 views

Linux Distros Unpatched Vulnerability : CVE-2021-47535

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - In the Linux kernel, the following vulnerability has been resolved: drm/msm/a6xx: Allocate enough space for GMU registers In commit 142639a52a01 drm/msm/a6xx: f...

6.2CVSS5AI score0.00234EPSS
Exploits0References2
BDU FSTEC
BDU FSTEC
added 2025/07/30 12:0 a.m.5 views

The vulnerability of the __clk_register() function in the clk component of the Linux operating system’s kernel allows a hacker to trigger a service failure.

The vulnerability of the clkregister function in the clk component of the Linux operating system is related to reading data beyond the buffer boundaries in memory. Exploiting this vulnerability could allow an attacker to cause a service failure...

5.5CVSS7.2AI score0.00149EPSS
Exploits0References9Affected Software3
Positive Technologies
Positive Technologies
added 2025/07/29 12:0 a.m.3 views

PT-2025-33004

Name of the Vulnerable Software and Affected Versions NGINX versions prior to 1.28.1 NGINX versions prior to 1.29.1 Description NGINX Open Source and NGINX Plus are affected by a vulnerability in the ngx mail smtp module. This flaw could allow an unauthenticated attacker to read data from NGINX...

6.3CVSS6.3AI score0.00394EPSS
Exploits0References79
RedHat Linux
RedHat Linux
added 2025/07/21 9:8 a.m.3 views

kernel: wifi: iwlwifi: limit printed string from FW file

In the Linux kernel, the following vulnerability has been resolved: wifi: iwlwifi: limit printed string from FW file There's no guarantee here that the file is always with a NUL-termination, so reading the string may read beyond the end of the TLV. If that's the last TLV in the file, it can perha...

7.1CVSS6.8AI score0.00206EPSS
Exploits0References5
Rows per page
Query Builder