Lucene search
+L

149 matches found

susecve
susecve
added 2026/03/25 12:24 a.m.7 views

SUSE CVE-2026-32647

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

7.8CVSS6.1AI score0.00918EPSS
Exploits0References11
oraclelinux
oraclelinux
added 2026/03/25 12:0 a.m.13 views

nginx security update

1.20.1-24.0.1.el97.1 - Reference oracle-indexhtml within Requires Orabug: 33802044 - Remove Red Hat references Orabug: 29498217 - Update upstream references Orabug: 36579090 2:1.20.1-24.1 - Resolves: RHEL-146525 - nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connection...

8.2CVSS6AI score0.01069EPSS
Exploits2
nessus
nessus
added 2026/03/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-32647

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write ...

8.5CVSS7.8AI score0.00918EPSS
Exploits0References2
nessus
nessus
added 2026/03/25 12:0 a.m.6 views

Oracle Linux 9 : nginx (ELSA-2026-5599)

The remote Oracle Linux 9 host has packages installed that are affected by a vulnerability as referenced in the ELSA-2026-5599 advisory. - Resolves: RHEL-146525 - nginx: NGINX: Data injection via man-in-the-middle attack on TLS proxied connections CVE-2026-1642 - Resolves: RHEL-84477 - nginx:...

8.2CVSS6.8AI score0.01069EPSS
Exploits2References2
redhatcve
redhatcve
added 2026/03/24 8:51 p.m.3 views

CVE-2026-27784

A flaw was found in NGINX Open Source, specifically within the ngxhttpmp4module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resultin...

8.5CVSS5.6AI score0.01031EPSS
Exploits0References4
osv
osv
added 2026/03/24 3:16 p.m.2 views

CVE-2026-32647

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

8.5CVSS7.5AI score0.00918EPSS
Exploits0References19
osv
osv
added 2026/03/24 3:16 p.m.4 views

DEBIAN-CVE-2026-32647

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

8.5CVSS9.2AI score0.00918EPSS
Exploits0References1
nvd
nvd
added 2026/03/24 3:16 p.m.4 views

CVE-2026-32647

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

8.5CVSS0.00918EPSS
Exploits0References19
osv
osv
added 2026/03/24 3:16 p.m.2 views

CVE-2026-27784

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it i...

8.5CVSS7.1AI score0.01031EPSS
Exploits0References19
osv
osv
added 2026/03/24 3:16 p.m.4 views

ALPINE-CVE-2026-27784

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it i...

8.5CVSS5.9AI score0.01031EPSS
Exploits0References1
nvd
nvd
added 2026/03/24 3:16 p.m.6 views

CVE-2026-27784

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it i...

8.5CVSS0.01031EPSS
Exploits0References19
ubuntucve
ubuntucve
added 2026/03/24 3:16 p.m.7 views

CVE-2026-32647

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

8.5CVSS5.9AI score0.00918EPSS
Exploits0References4
cve
cve
added 2026/03/24 2:13 p.m.58 views

CVE-2026-27784

The CVE-2026-27784 issue affects 32-bit builds of NGINX Open Source that are compiled with the ngx_http_mp4_module and configured to use the mp4 directive. The vulnerability arises in the 32-bit implementation of NGINX Open Source when processing a specially crafted MP4 file via the ngx_http_mp4_...

8.5CVSS5.8AI score0.01031EPSS
Exploits0References19Affected Software1
debiancve
debiancve
added 2026/03/24 2:13 p.m.3 views

CVE-2026-32647

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

8.5CVSS9.2AI score0.00918EPSS
Exploits0
attackerkb
attackerkb
added 2026/03/24 2:13 p.m.5 views

CVE-2026-27784

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it i...

8.5CVSS5.8AI score0.01031EPSS
Exploits0References2Affected Software1
attackerkb
attackerkb
added 2026/03/24 2:13 p.m.8 views

CVE-2026-32647

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

8.5CVSS6.1AI score0.00918EPSS
Exploits0References2Affected Software1
vulnrichment
vulnrichment
added 2026/03/24 2:13 p.m.3 views

CVE-2026-27784 NGINX ngx_http_mp4_module vulnerability

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it i...

8.5CVSS5.8AI score0.01031EPSS
Exploits0References1
vulnrichment
vulnrichment
added 2026/03/24 2:13 p.m.9 views

CVE-2026-32647 NGINX ngx_http_mp4_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

8.5CVSS6.1AI score0.00918EPSS
Exploits0References1
debiancve
debiancve
added 2026/03/24 2:13 p.m.5 views

CVE-2026-27784

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it i...

8.5CVSS5.5AI score0.01031EPSS
Exploits0
cvelist
cvelist
added 2026/03/24 2:13 p.m.27 views

CVE-2026-32647 NGINX ngx_http_mp4_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

8.5CVSS0.00918EPSS
Exploits0References1
Rows per page
Query Builder