23 matches found
BIT-NGINX-2026-42530 NGINX Open-Source ngx_http_v3_module vulnerability
NGINX Open Source has a vulnerability in the ngxhttpv3module module. When NGINX Open Source is configured to use the HTTP/3 QUIC module, a remote unauthenticated attacker along with conditions beyond their control can use a specially crafted HTTP/3 session to reopen a QPACK encoder stream. This m...
DEBIAN-CVE-2026-42530
NGINX Open Source has a vulnerability in the ngxhttpv3module module. When NGINX Open Source is configured to use the HTTP/3 QUIC module, a remote unauthenticated attacker along with conditions beyond their control can use a specially crafted HTTP/3 session to reopen a QPACK encoder stream. This m...
DEBIAN-CVE-2026-42055
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion to 2 or grpcpass directives are used to proxy HTTP/2 traffic, the ignoreinvalidheaders directive is set to off, and the...
CVE-2026-42530
NGINX Open Source has a vulnerability in the ngxhttpv3module module. When NGINX Open Source is configured to use the HTTP/3 QUIC module, a remote unauthenticated attacker along with conditions beyond their control can use a specially crafted HTTP/3 session to reopen a QPACK encoder stream. This m...
CVE-2026-42055
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpproxyv2module and ngxhttpgrpcmodule modules. This vulnerability exists when the proxyhttpversion to 2 or grpcpass directives are used to proxy HTTP/2 traffic, the ignoreinvalidheaders directive is set to off, and the...
PT-2026-50439
Name of the Vulnerable Software and Affected Versions NGINX Open Source versions 1.31.0 through 1.31.1 NGINX Ingress Controller affected versions not specified NGINX Gateway Fabric affected versions not specified NGINX Instance Manager affected versions not specified Description A use-after-free...
nginx 0.6.27 < 1.30.1 ngx_http_rewrite_module Heap Buffer Overflow
According to its Server response header, the installed version of nginx is 0.6.27 prior to 1.30.1. It is, therefore, affected by the following issue : - NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive i...
CVE-2026-9256
NGINX Plus and NGINX Open Source expose a vulnerability in the ngx_http_rewrite_module when a rewrite directive uses distinct, overlapping PCRE captures (e.g., ^/((.*))$) and the replacement references multiple captures (e.g., $1$2) in redirects or arguments. An unauthenticated attacker can send ...
CVE-2026-9256 NGINX ngx_http_rewrite_module vulnerability
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...
OESA-2026-2406 nginx security update
NGINX is a free, open-source, high-performance HTTP server and reverse proxy, as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a...
CVE-2026-8711
NGINX JavaScript has a vulnerability when the jsfetchproxy directive is configured with at least one client-controlled NGINX variable for example, $http, $arg, $cookie and a location invoking the ngx.fetch operation from NGINX JavaScript. An unauthenticated attacker can exploit this vulnerability...
PT-2026-41939
Name of the Vulnerable Software and Affected Versions NGINX JavaScript affected versions not specified Description An issue exists when the 'js fetch proxy' directive is configured with at least one client-controlled NGINX variable, such as $http , $arg , or $cookie , and a location invokes the...
BIT-NGINX-2026-42945 NGINX ngx_http_rewrite_module vulnerability
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression PCRE capture for example, $1, $2 with a replacement strin...
SUSE CVE-2026-42945
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression PCRE capture for example, $1, $2 with a replacement strin...
CVE-2026-42945 NGINX ngx_http_rewrite_module vulnerability
NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when the rewrite directive is followed by a rewrite, if, or set directive and an unnamed Perl-Compatible Regular Expression PCRE capture for example, $1, $2 with a replacement strin...
CVE-2026-42945
CVE-2026-42945 affects NGINX Open Source and NGINX Plus via the ngx_http_rewrite_module when a rewrite/if/set directive is followed by a PCRE capture and a replacement containing a question mark. This can cause a heap buffer overflow in the worker process and, on systems with ASLR disabled, poten...
PT-2026-40681
Name of the Vulnerable Software and Affected Versions NGINX Plus and NGINX Open Source versions 0.6.27 through 1.30.0 Description A heap buffer overflow exists in the ngx http rewrite module module. The issue occurs when a rewrite directive is followed by a rewrite, if, or set directive and...
Exploit for Out-of-bounds Write in Google Android
Skeleton but pronounced like Peloton A Zero-Click RCE explo...
TORQUE Resource Manager 2.5.x < 2.5.13 - Stack Buffer Overflow Stub
!/usr/bin/env python Exploit Title: TORQUE Resource Manager 2.5.x-2.5.13 stack based buffer overflow stub Date: 27 May 2014 Exploit Author: bwall - @botnethunter Vulnerability discovered by: MWR Labs CVE: CVE-2014-0749 Vendor Homepage: http://www.adaptivecomputing.com/ Software Link:...
CVE-2012-0056
The memwrite function in the Linux kernel before 3.2.2, when ASLR is disabled, does not properly check permissions when writing to /proc//mem, which allows local users to gain privileges by modifying process memory, as demonstrated by Mempodipper...