44 matches found
Advisory ROSA-SA-2025-2895
Software: nginx 1.20.1 OS: rosa-server79 packageevrstring: nginx-1.20.1-22.res7.2 CVE-ID: CVE-2021-3618 BDU-ID: 2022-00351 CVE-Crit: HIGH CVE-DESC.: A vulnerability in the vsftpd FTP server is related to a lack of protection for transmitted data. Exploitation of the vulnerability could allow an...
Oracle Linux 9 : nginx (ELSA-2025-7402)
The remote Oracle Linux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2025-7402 advisory. - Resolves: RHEL-85556 - nginx: Memory disclosure in the ngxhttpmp4module CVE-2022-41742 - Resolves: RHEL-91446 - nginx: Memory corruption in the...
AlmaLinux 9 : nginx (ALSA-2025:7402)
The remote AlmaLinux 9 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2025:7402 advisory. nginx: Memory corruption in the ngxhttpmp4module CVE-2022-41741 nginx: Memory disclosure in the ngxhttpmp4module CVE-2022-41742 nginx: specially crafted M...
Exploit for Out-of-bounds Write in F5 Nginx
🛡️ Nginx Vulnerability Scanner Desarrollado por m10sec. E...
Exploit for Type Confusion in Google Chrome
CVE-2022-4174CVE-2022-41742 PoC para CVE-2022-4174CVE-2022-4...
Fedora 37 : nginx (2022-12721789aa)
The remote Fedora 37 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2022-12721789aa advisory. Security: processing of a specially crafted mp4 file by the ngxhttpmp4module might cause a worker process crash, worker process memory disclosure, o...
Photon OS 5.0: Openresty PHSA-2023-5.0-0056
An update of the openresty package has been released. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2023-5.0-0056. The text itself is copyright C VMware, Inc. include'compat.inc'; if description...
RHEL 9 : nginx (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by a vulnerability that has been acknowledged by the vendor but will not be patched. - nginx: memory leak in IPv4 Off Handler CVE-2022-3638 Note that Nessus has not tested for this issue but has instead...
RHEL 9 : nginx (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 9 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - nginx: Memory corruption in the ngxhttpmp4module CVE-2022-41741 - Rejected reason: DO NOT USE THIS...
openSUSE: Security Advisory for nginx (SUSE-SU-2023:0205-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE: Security Advisory for nginx (SUSE-SU-2023:0212-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2024 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Amazon Linux 2023 : nginx, nginx-all-modules, nginx-core (ALAS2023-2023-090)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2023-090 advisory. Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number. %NASLMINLEVEL 80900 C Tenable, Inc. The descriptive text and package checks ...
Amazon Linux 2023 : nginx, nginx-all-modules, nginx-core (ALAS2023-2023-099)
It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2023-2023-099 advisory. 2024-02-15: CVE-2021-3618 was added to this advisory. ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using...
K81926432: NGINX ngx_http_mp4_module vulnerability CVE-2022-41741
Security Advisory Description NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 have a vulnerability in the module ngxhttpmp4module that might allow a local attacker to corrupt NGIN...
SUSE: Security Advisory (SUSE-SU-2023:0293-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP8 : nginx (EulerOS-SA-2023-1330)
According to the versions of the nginx packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versio...
SUSE-SU-2023:0293-1 Security update for nginx
This update for nginx fixes the following issues: - CVE-2022-41741: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. bsc1204526 - CVE-2022-41742: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. bsc1204527...
SUSE: Security Advisory (SUSE-SU-2023:0210-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2023:0212-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES15 / openSUSE 15 Security Update : nginx (SUSE-SU-2023:0212-1)
The remote SUSE Linux SLES15 / SLESSAP15 / openSUSE 15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2023:0212-1 advisory. - CVE-2022-41741: Handle duplicated atoms in mp4 streams, to mitigate out-of-bound reads. bsc1204526 - CVE-2022-41742...