Lucene search
K

220 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/26 12:0 a.m.7 views

SUSE SLES16 Security Update : nginx (SUSE-SU-2026:22178-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:22178-1 advisory. This update for nginx fixes the following issue - CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuratio...

9.2CVSS6.1AI score0.04261EPSS
Exploits3References4
RedHat Linux
RedHat Linux
added 2026/06/23 11:36 p.m.5 views

nginx: ngx_http_rewrite_module: code execution and denial of service

A flaw was found in the ngxhttprewritemodule module of NGINX. When a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures and a replacement string that references multiple such captures in a redirect or arguments context, an...

9.2CVSS6.6AI score0.04261EPSS
Exploits3References5
OSV
OSV
added 2026/06/19 4:53 p.m.2 views

SUSE-SU-2026:22178-1 Security update for nginx

This update for nginx fixes the following issue - CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration with overlapping captures bsc1266215...

9.2CVSS6.1AI score0.04261EPSS
Exploits3References3
OSV
OSV
added 2026/06/19 4:53 p.m.2 views

OPENSUSE-SU-2026:21107-1 Security update for nginx

This update for nginx fixes the following issue - CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration with overlapping captures bsc1266215...

9.2CVSS7.4AI score0.04261EPSS
Exploits3References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Wireshark

The CBOR dissector crash in Wireshark versions 4.0.0 to 4.0.6 allows for denial of service through packet injection or malicious capture files...

7.5CVSS6.8AI score0.00486EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.3 views

Astra Linux – Vulnerability in Wireshark

The T.38 dissector crash in Wireshark versions 4.2.0 to 4.0.3, and 4.0.0 to 4.0.13 allows for denial of service through packet injection or malicious capture files...

7.8CVSS6.8AI score0.01403EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.19 views

Astra Linux – Vulnerability in Wireshark

Large loops in multiple protocol dissectors in Wireshark versions 3.6.0 to 3.6.1 and 3.4.0 to 3.4.11 allow denial of service via packet injection or crafted capture files...

6.5CVSS6.8AI score0.02374EPSS
Exploits1References1
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Wireshark

A memory leak in the RTPS dissector in Wireshark versions 4.0.0 to 4.0.8 and 3.6.0 to 3.6.16 allows for denial of service through packet injection or malicious capture files...

6.5CVSS6.8AI score0.00485EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.5 views

Astra Linux – Vulnerability in Wireshark

The NTLMSSP dissector crash in Wireshark versions 4.2.0 to 4.0.6, as well as 4.0.0 to 4.0.16, allows for denial of service through packet injection or malicious capture files...

7.8CVSS6.6AI score0.00317EPSS
Exploits1References2
AstraLinux
AstraLinux
added 2026/06/19 11:10 a.m.20 views

Astra Linux – Vulnerability in Wireshark

The RPCoRDMA dissector crash in Wireshark versions 4.0.0 to 4.0.4 and 3.6.0 to 3.6.12 allows for denial of service through packet injection or malicious capture files...

7.5CVSS7.1AI score0.0462EPSS
Exploits1References1
Tenable Nessus
Tenable Nessus
added 2026/06/14 12:0 a.m.6 views

SUSE SLES15 Security Update : nginx (SUSE-SU-2026:2307-1)

The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by a vulnerability as referenced in the SUSE-SU-2026:2307-1 advisory. This update for nginx fixes the following issue - CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration...

9.2CVSS5.7AI score0.04261EPSS
Exploits3References4
OSV
OSV
added 2026/06/09 8:12 a.m.5 views

SUSE-SU-2026:2307-1 Security update for nginx

This update for nginx fixes the following issue - CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration with overlapping captures bsc1266215...

9.2CVSS5.7AI score0.04261EPSS
Exploits3References3
SUSE Linux
SUSE Linux
added 2026/06/09 8:12 a.m.7 views

Security update for nginx

This update for nginx fixes the following issue CVE-2026-9256: heap buffer overflow in the ngxhttprewritemodule when using a configuration with overlapping captures bsc1266215. Patch Instructions: To install this SUSE update use the SUSE recommended installation methods like YaST onlineupdate or...

9.2CVSS5.7AI score0.04261EPSS
Exploits3References4
Amazon
Amazon
added 2026/06/08 12:0 a.m.12 views

Important: nginx

Issue Overview: NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string...

9.2CVSS6.1AI score0.04261EPSS
Exploits3
RedhatCVE
RedhatCVE
added 2026/06/02 4:3 a.m.20 views

CVE-2026-47740

Shopper is a Headless e-commerce Admin Panel. Prior to 2.8.0, Multiple Filament actions on the admin Order detail and Order shipments table were callable by an authenticated low-privilege user without the permission required to mutate orders. The order detail actions cancel, mark paid, mark...

8.1CVSS5.8AI score0.00258EPSS
Exploits0References1
OSV
OSV
added 2026/06/01 11:47 a.m.35 views

BIT-NGINX-GATEWAY-2026-9256 NGINX ngx_http_rewrite_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...

9.2CVSS6.2AI score0.04261EPSS
Exploits3References14
OSV
OSV
added 2026/06/01 11:47 a.m.8 views

BIT-NGINX-2026-9256 NGINX ngx_http_rewrite_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttprewritemodule module. This vulnerability exists when a rewrite directive uses a regex pattern with distinct, overlapping Perl-Compatible Regular Expression PCRE captures for example, ^/.$ and a replacement string that references...

9.2CVSS6.2AI score0.04261EPSS
Exploits3References14
Snyk
Snyk
added 2026/05/29 7:17 p.m.2 views

Improper Authorization

Overview Affected versions of this package are vulnerable to Improper Authorization in the capturePayment, cancel, mark paid, mark complete, archive, start processing, mark delivered, and edit tracking actions within the admin panel components. An attacker can perform unauthorized modifications t...

8.6CVSS5.8AI score0.00258EPSS
Exploits0References2
OSV
OSV
added 2026/05/26 2:10 p.m.8 views

CLSA-2026-1779804603 Fix CVE(s): CVE-2026-9256

SECURITY UPDATE: Heap buffer overflow in ngxhttprewritemodule via overlapping PCRE captures in replacement strings - debian/patches/CVE-2026-9256.patch: recompute buffer length per capture including escaping in ngxhttpscriptregexstartcode to prevent buffer overrun when redirect parameter is used ...

9.2CVSS6AI score0.04261EPSS
Exploits3References1
OSV
OSV
added 2026/05/26 9:58 a.m.7 views

CLSA-2026-1779789531 Fix CVE(s): CVE-2026-9256

SECURITY UPDATE: fix heap buffer overflow in ngxhttprewritemodule with overlapping captures - debian/patches/CVE-2026-9256.patch: fix heap buffer overflow in ngxhttprewritemodule with overlapping captures - CVE-2026-9256...

9.2CVSS6AI score0.04261EPSS
Exploits3References1
Rows per page
Query Builder