Lucene search
K

25 matches found

OSV
OSV
added 2025/08/13 3:15 p.m.5 views

CVE-2025-53859

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS7.5AI score
Exploits0References2
Cvelist
Cvelist
added 2025/08/13 2:46 p.m.18 views

CVE-2025-53859 NGINX ngx_mail_smtp_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS0.00371EPSS
Exploits0References1
AlpineLinux
AlpineLinux
added 2025/08/13 2:46 p.m.3 views

CVE-2025-53859

NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This issue happe...

6.3CVSS5.7AI score0.00371EPSS
Exploits0
FreeBSD
FreeBSD
added 2025/08/13 12:0 a.m.4 views

nginx -- worker process memory disclosure

F5 reports: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the server side may leak arbitrary bytes sent in a request to the authentication server. This...

6.3CVSS7.6AI score0.00371EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2025/07/29 12:0 a.m.2 views

PT-2025-33004

Name of the Vulnerable Software and Affected Versions NGINX versions prior to 1.28.1 NGINX versions prior to 1.29.1 Description NGINX Open Source and NGINX Plus are affected by a vulnerability in the ngx mail smtp module. This flaw could allow an unauthenticated attacker to read data from NGINX...

6.3CVSS6.3AI score0.00371EPSS
Exploits0References79
Rows per page
Query Builder