Lucene search
K

176 matches found

Nginx
Nginx
added 2026/05/22 2:11 p.m.328 views

Buffer overflow in the ngx_http_rewrite_module

Buffer overflow in the ngxhttprewritemodule Severity: medium CVE-2026-9256 Not vulnerable: 1.31.1+, 1.30.2+ Vulnerable: 0.1.17-1.31.0...

9.2CVSS5.8AI score0.04261EPSS
Exploits3References1Affected Software1
F5 Networks
F5 Networks
added 2026/05/22 1:48 p.m.97 views

K000161377: NGINX ngx_http_rewrite_module vulnerability CVE-2026-9256

Security Advisory Description NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a...

9.2CVSS6.3AI score0.04261EPSS
Exploits3Affected Software9
OSV
OSV
added 2026/05/22 1:18 p.m.8 views

OESA-2026-2408 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a...

9.2CVSS6.3AI score0.61469EPSS
Exploits40References2
OSV
OSV
added 2026/05/22 1:18 p.m.9 views

OESA-2026-2407 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a...

9.2CVSS6.6AI score0.61469EPSS
Exploits40References2
OSV
OSV
added 2026/05/22 1:18 p.m.8 views

OESA-2026-2406 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a...

9.2CVSS6.5AI score0.61469EPSS
Exploits40References2
OSV
OSV
added 2026/05/22 1:18 p.m.8 views

OESA-2026-2405 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a...

9.2CVSS6.6AI score0.61469EPSS
Exploits40References2
CNNVD
CNNVD
added 2026/05/22 12:0 a.m.11 views

F5 NGINX Plus和F5 NGINX Open Source 安全漏洞

F5 NGINX Plus and F5 NGINX Open Source are both products of the American company F5. F5 NGINX Plus is a software-based application delivery platform. F5 NGINX Open Source is a high-performance web server, reverse proxy server, load balancer, and API gateway. Both F5 NGINX Plus and F5 NGINX Open...

9.2CVSS6AI score0.04261EPSS
Exploits3References3
Positive Technologies
Positive Technologies
added 2026/05/22 12:0 a.m.13 views

PT-2026-42776

Name of the Vulnerable Software and Affected Versions NGINX Plus versions prior to 37.0.1.1 NGINX Plus versions prior to R32 P7 NGINX Plus versions prior to R36 P5 NGINX Open Source versions 0.1.17 through 1.30.1 NGINX Open Source versions prior to 1.31.1 Description A heap buffer overflow exists...

9.2CVSS6.2AI score0.04261EPSS
Exploits3References124
Tenable Nessus
Tenable Nessus
added 2026/05/22 12:0 a.m.13 views

TencentOS Server 3: nginx:1.24 (TSSA-2026:0338)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2026:0338 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

9.2CVSS6.9AI score0.61469EPSS
Exploits40References2
FreeBSD
FreeBSD
added 2026/05/22 12:0 a.m.85 views

nginx -- heap buffer overflow in ngx_http_rewrite_module

The nginx developers report: A heap memory buffer overflow might occur in a worker process when using a configuration with overlapping captures in ngxhttprewritemodule, potentially resulting in arbitrary code execution CVE-2026-9256...

9.2CVSS6.3AI score0.04261EPSS
Exploits3References1
OSV
OSV
added 2026/05/21 12:49 p.m.6 views

CLSA-2026-1779367740 Fix CVE(s): CVE-2026-42945

SECURITY UPDATE: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures - debian/patches/CVE-2026-42945.patch: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures -...

9.2CVSS6.1AI score0.61469EPSS
Exploits40References1
CloudLinux
CloudLinux
added 2026/05/21 10:38 a.m.11 views

nginx: Fix of CVE-2026-42945

CVE-2026-42945: fix heap buffer overflow in ngxhttprewritemodule...

9.2CVSS6.2AI score0.61469EPSS
Exploits40
Tenable Nessus
Tenable Nessus
added 2026/05/20 12:0 a.m.13 views

Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS : nginx vulnerability (USN-8271-1)

The remote Ubuntu 22.04 LTS / 24.04 LTS / 25.10 / 26.04 LTS host has packages installed that are affected by a vulnerability as referenced in the USN-8271-1 advisory. It was discovered that the nginx ngxhttprewritemodule component incorrectly handled certain rewrite directives. A remote attacker...

9.2CVSS6.4AI score0.61469EPSS
Exploits40References2
RedHat Linux
RedHat Linux
added 2026/05/19 10:5 p.m.9 views

nginx: NGINX: Arbitrary Code Execution Vulnerability

A flaw was found in NGINX, specifically within the ngxhttprewritemodule. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests under specific rewrite configurations. This can lead to a heap buffer overflow in the NGINX worker process, which may result in...

9.2CVSS6.6AI score0.61469EPSS
Exploits40References6
RedHat Linux
RedHat Linux
added 2026/05/19 10:4 p.m.11 views

nginx: NGINX: Arbitrary Code Execution Vulnerability

A flaw was found in NGINX, specifically within the ngxhttprewritemodule. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests under specific rewrite configurations. This can lead to a heap buffer overflow in the NGINX worker process, which may result in...

9.2CVSS6.6AI score0.61469EPSS
Exploits40References6
RedHat Linux
RedHat Linux
added 2026/05/19 10:0 p.m.18 views

nginx: NGINX: Arbitrary Code Execution Vulnerability

A flaw was found in NGINX, specifically within the ngxhttprewritemodule. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests under specific rewrite configurations. This can lead to a heap buffer overflow in the NGINX worker process, which may result in...

9.2CVSS6.6AI score0.61469EPSS
Exploits40References6
GithubExploit
GithubExploit
added 2026/05/19 6:29 p.m.169 views

nginx-rift-private-lab

NGINX Rift RCE Proof of concept for CVE-2026-42945, a cri...

9.2CVSS6.7AI score0.61469EPSS
Exploits40
RedHat Linux
RedHat Linux
added 2026/05/19 4:21 p.m.10 views

nginx: NGINX: Arbitrary Code Execution Vulnerability

A flaw was found in NGINX, specifically within the ngxhttprewritemodule. An unauthenticated attacker can exploit this vulnerability by sending crafted HTTP requests under specific rewrite configurations. This can lead to a heap buffer overflow in the NGINX worker process, which may result in...

9.2CVSS6.6AI score0.61469EPSS
Exploits40References6
OSV
OSV
added 2026/05/18 5:54 p.m.7 views

CLSA-2026-1779126860 nginx: Fix of CVE-2026-42945

CVE-2026-42945: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures...

9.2CVSS5.9AI score0.61469EPSS
Exploits40References1
OSV
OSV
added 2026/05/18 5:44 p.m.5 views

CLSA-2026-1779126256 Fix CVE(s): CVE-2026-42945

SECURITY UPDATE: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures - debian/patches/CVE-2026-42945.patch: fix heap buffer overrun in ngxhttprewritemodule when rewrite is followed by set/if/rewrite with unnamed PCRE captures -...

9.2CVSS5.9AI score0.61469EPSS
Exploits40References1
Rows per page
Query Builder