6253 matches found
UBUNTU-CVE-2025-53859
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...
Malicious code in mixedzone-nginx-auth-request (npm)
The package mixedzone-nginx-auth-request was found to contain malicious code...
MAL-2025-26510 Malicious code in mixedzone-nginx-auth-request (npm)
The package mixedzone-nginx-auth-request was found to contain malicious code...
SUSE CVE-2025-53859
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...
CVE-2025-53859
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...
AZL-66308 CVE-2025-53859 affecting package nginx for versions less than 1.22.1-14
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...
AZL-66311 CVE-2025-53859 affecting package nginx for versions less than 1.25.4-5
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...
CVE-2025-53859
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...
DEBIAN-CVE-2025-53859
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...
CVE-2025-53859
Technical details about CVE-2025-53859 are not provided in the connected documents. The initial description notes an over-read in NGINX SMTP authentication, but no technical specifics are included here. Monitor for updates.
CVE-2025-53859 NGINX ngx_mail_smtp_module vulnerability
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...
CVE-2025-53859 NGINX ngx_mail_smtp_module vulnerability
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...
Out-of-bounds Read
Overview Affected versions of this package are vulnerable to Out-of-bounds Read in the ngxmailsmtpmodule during the NGINX SMTP authentication process. An attacker can access sensitive information by sending specially crafted SMTP requests that trigger an out-of-bounds read. Note: The issue affect...
CVE-2025-53859
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...
CVE-2025-53859
NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...
K000152786: NGINX ngx_mail_smtp_module vulnerability CVE-2025-53859
Security Advisory Description NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the...
F5 NGINX Plus和F5 NGINX Open Source 缓冲区错误漏洞
F5 NGINX Plus and F5 NGINX Open Source are both products of F5 Corporation, U.S.A. F5 NGINX Plus is a software-based application delivery platform.F5 NGINX Open Source is a high-performance web server, reverse proxy server, load balancer, and API gateway. A buffer error vulnerability exists in F5...
nginx -- worker process memory disclosure
F5 reports: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This...
TencentOS Server 2: nginx (TSSA-2025:0525)
The version of Tencent Linux installed on the remote TencentOS Server 2 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2025:0525 advisory. Package updates are available for TencentOS Server 2 that fix the following vulnerabilities...
GHSA-J5PM-7495-QMR3 vulnerabilities
Vulnerabilities for packages: zot, flux-image-automation-controller, witness, esbuild, mattermost, kaf, licenseclassifier, trust-manager, smarter-device-manager, fixuid, spicedb, promxy, newrelic-infra-operator, metrics-server, trino, verticadb-operator, nri-rabbitmq, k8ssandra-operator, kind,...