Lucene search
K

296 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.10 views

RockyLinux 10 : nginx (RLSA-2026:29874)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:29874 advisory. nginx: ngxhttprewritemodule: code execution and denial of service CVE-2026-9256 Tenable has extracted the preceding description block directly from the RockyLin...

9.2CVSS6.3AI score0.04261EPSS
Exploits3References3
RedhatCVE
RedhatCVE
added 2026/06/25 7:28 p.m.5 views

CVE-2026-42055

A flaw was found in NGINX. When NGINX is configured to proxy HTTP/2 traffic using the ngxhttpproxyv2module or ngxhttpgrpcmodule with specific settings, a remote, unauthenticated attacker can send specially crafted large headers. This can trigger a heap-based buffer overflow, leading to a restart ...

9.2CVSS6.5AI score0.02838EPSS
Exploits1References4
Tenable Nessus
Tenable Nessus
added 2026/06/25 12:0 a.m.10 views

AlmaLinux 9 : nginx (ALSA-2026:28973)

The remote AlmaLinux 9 host has packages installed that are affected by a vulnerability as referenced in the ALSA-2026:28973 advisory. nginx: ngxhttprewritemodule: code execution and denial of service CVE-2026-9256 Tenable has extracted the preceding description block directly from the AlmaLinux...

9.2CVSS6.4AI score0.04261EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2026/06/24 12:0 a.m.5 views

RHEL 9 : nginx (RHSA-2026:28973)

The remote Redhat Enterprise Linux 9 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2026:28973 advisory. nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security...

9.2CVSS6.4AI score0.04261EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2026/06/22 12:0 a.m.19 views

nginx 0.3.50 < 1.30.3 / 1.31.x < 1.31.2 Buffer Overread in ngx_http_charset_module

The installed version of nginx is 0.3.50 prior to 1.30.3, or 1.31.x prior to 1.31.2. It is, therefore, affected by the following issue : - NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpcharsetmodule module. When content is served or proxied through a location block with both...

6.3CVSS6AI score0.00398EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2026/06/20 12:0 a.m.6 views

Linux Distros Unpatched Vulnerability : CVE-2026-42055

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the...

9.2CVSS7.8AI score0.02838EPSS
Exploits1References4
SUSE CVE
SUSE CVE
added 2026/06/19 1:53 a.m.7 views

SUSE CVE-2026-42055

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion to 2 or grpcpass directives are used to proxy HTTP/2 traffic, the ignoreinvalidheaders directive is set to off, and the...

8.1CVSS6.5AI score0.02838EPSS
Exploits1References3
OSV
OSV
added 2026/06/15 12:44 p.m.11 views

USN-8398-3 nginx vulnerability

USN-8398-1 fixed a vulnerability in nginx. The update caused a regression and was temporarily reverted in USN-8398-2. This update introduces a complete fix for CVE-2026-49975. We apologize for the inconvenience. Original advisory details: It was discovered that nginx incorrectly handled certain...

7.5CVSS5.4AI score0.11471EPSS
Exploits8References2
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.10 views

Amazon Linux 2023 : nginx, nginx-all-modules, nginx-core (ALAS2023-2026-1773)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2026-1773 advisory. NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-...

9.2CVSS6.1AI score0.04261EPSS
Exploits3References4
Amazon
Amazon
added 2026/06/08 12:0 a.m.11 views

Important: nginx

Issue Overview: NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string...

9.2CVSS6.1AI score0.04261EPSS
Exploits3
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.9 views

Amazon Linux 2 : nginx, --advisory ALAS2NGINX1-2026-013 (ALASNGINX1-2026-013)

The version of nginx installed on the remote host is prior to 1.30.2-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NGINX1-2026-013 advisory. NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a...

9.2CVSS6.2AI score0.04261EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2026/06/08 12:0 a.m.15 views

TencentOS Server 4: nginx (TSSA-2026:0398)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2026:0398 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

9.2CVSS6.5AI score0.04261EPSS
Exploits3References3
Tenable Nessus
Tenable Nessus
added 2026/06/04 12:0 a.m.12 views

RockyLinux 10 : nginx (RLSA-2026:19159)

The remote RockyLinux 10 host has packages installed that are affected by a vulnerability as referenced in the RLSA-2026:19159 advisory. nginx: NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945 Tenable has extracted the preceding description block directly from the RockyLinux security...

9.2CVSS6.1AI score0.61469EPSS
Exploits40References3
The Hacker News
The Hacker News
added 2026/06/03 8:33 a.m.31 views

New HTTP/2 Bomb Vulnerability Allows Remote DoS on NGINX, Apache, IIS, Envoy & Cloudflare

Cybersecurity researchers have discovered a remote denial-of-service exploit that affects major web servers, including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. The vulnerability has been codenamed HTTP/2 Bomb by Calif. "The vulnerable behavior exists in each server's...

7.5CVSS6AI score0.48438EPSS
Exploits3
Information Security Automation
Information Security Automation
added 2026/06/02 11:0 a.m.11 views

May Linux Patch Wednesday

May Linux Patch Wednesday. A total of 1,638 vulnerabilities 474 in the Linux kernel. For comparison, in April there were 1,035 vulnerabilities a record!. And this time it turns out to be a record again, more than one and a half times higher! The acceleration is both impressive and alarming. But w...

9.8CVSS7.8AI score0.96267EPSS
Exploits357
RedHat Linux
RedHat Linux
added 2026/06/02 5:33 a.m.5 views

Critical: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.14.33 security, enhancement & bug fix update

Red Hat OpenShift Data Foundation 4.14.33 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.14.33 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-6993: RHODF 4.14.33 release NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945...

9.2CVSS6.2AI score0.61469EPSS
Exploits40References3
RedHat Linux
RedHat Linux
added 2026/06/02 5:24 a.m.5 views

Critical: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.16.29 security, enhancement & bug fix update

Red Hat OpenShift Data Foundation 4.16.29 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.16.29 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-7034: RHODF 4.16.29 release NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945...

9.2CVSS6.2AI score0.61469EPSS
Exploits40References3
RedHat Linux
RedHat Linux
added 2026/06/02 5:22 a.m.5 views

Critical: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.15.29 security, enhancement & bug fix update

Red Hat OpenShift Data Foundation 4.15.29 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.15.29 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-6992: RHODF 4.15.29 release NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945...

9.2CVSS6.2AI score0.61469EPSS
Exploits40References3
RedHat Linux
RedHat Linux
added 2026/06/02 4:56 a.m.5 views

Critical: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.18.23 security, enhancement & bug fix update

Red Hat OpenShift Data Foundation 4.18.23 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.18.23 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-7032: RHODF 4.18.23 release NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945...

9.2CVSS6.2AI score0.61469EPSS
Exploits40References3
RedHat Linux
RedHat Linux
added 2026/06/02 3:56 a.m.5 views

Critical: Red Hat Security Advisory: Red Hat OpenShift Data Foundation 4.21.6 security, enhancement & bug fix update

Red Hat OpenShift Data Foundation 4.21.6 security, enhancement & bug fix update Red Hat OpenShift Data Foundation 4.21.6 security, enhancement & bug fix update FIXED BUGS: ========== DFBUGS-6964: RHODF 4.21.6 release NGINX: Arbitrary Code Execution Vulnerability CVE-2026-42945...

9.2CVSS6.2AI score0.61469EPSS
Exploits40References3
Rows per page
Query Builder