NGINX ngx_http_ssl_module vulnerability

...

NGINX ngx_quic_module vulnerability

...

Important: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

Linux Distros Unpatched Vulnerability : CVE-2026-32647

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write ...

K000160336: Out-of-band Security Notification (March 24, 2026)

Security Advisory Description On March 24, 2026, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. High CVEs...

Advisory ROSA-SA-2026-3214

software: nginx 1.26.3 WASP: ROSA-CHROME unaffected versions = nginx-1.26.3-1 affected versions nginx-1.26.3-1 CVE-ID: CVE-2025-23419 BDU-ID: 2025-03281 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the TLS 1.3 protocol implementation of the NGINX Plus and NGINX Open Source web servers is relate...

EUVD-2024-43404

Malicious code in bioql PyPI...

Linux Distros Unpatched Vulnerability : CVE-2020-24660

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL- based access control to protected Virtual Hosts by...

FreeBSD : nginx -- worker process memory disclosure (eb03714d-79f0-11f0-b4c1-ac5afc632ba3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the eb03714d-79f0-11f0-b4c1-ac5afc632ba3 advisory. F5 reports: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might...

CVE-2024-13869

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'uploadfiles' function in all versions up to, and including, 0.9.112. This makes it possible for authenticated attackers, with...

EUVD-2025-4422

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'uploadfiles' function in all versions up to, and including, 0.9.112. This makes it possible for authenticated attackers, with...

SUSE CVE-2024-31079

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed HTTP/3 requests can cause NGINX worker processes to terminate or cause other potential impact. This attack requires that a request be specifically timed during the connection draining process, which the attacke...

AZL-56492 CVE-2025-23419 affecting package nginx for versions less than 1.25.4-3

When multiple server blocks are configured to share the same IP address and port, an attacker can use session resumption to bypass client certificate authentication requirements on these servers. This vulnerability arises when TLS Session Tickets...

Moderate: nginx:1.22 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: HTTP/2: Multiple HTTP/2 enabled web servers are vulnerable to a DDoS attack Rapid Reset Attack CVE-2023-44487 For more details about the securi...

F5 Nginx 安全漏洞

F5 Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from F5 Inc. distributed under the BSD-like protocol. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in F5 Nginx NJS version...

USN-5371-3: nginx vulnerability

USN-5371-1 and USN-5371-2 fixed several vulnerabilities in nginx. This update provides the corresponding update for CVE-2020-11724 for Ubuntu 16.04 ESM. Original advisory details: It was discovered that nginx Lua module mishandled certain inputs. An attacker could possibly use this issue to perfo...

Nginx 资源管理错误漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx, Inc. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in Nginx NJS version v0.7.2, which stems from a segmentation violati...

Nginx 资源管理错误漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from the US-based Nginx Corporation. A security vulnerability exists in Nginx njs version 0.7.2, which stems from a post-release reference issue with njsawaitfulfilled...

HD-Network Real-Time Monitoring System 2.0 Local File Inclusion

Exploit Title: HD-Network Real-time Monitoring System 2.0 - Local File Inclusion LFI Google Dork: intitle:"HD-Network Real-time Monitoring System V2.0" Date: 11/12/2021 Exploit Author: Momen Eldawakhly Cyber Guy Vendor Homepage: N/A Version: V2.0 Tested on: Nginx NVRDVRIPC Web Server Proof of...

UBUNTU-CVE-2021-23017

A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...