Lucene search
+L

10 matches found

Tenable Nessus
Tenable Nessus
added 2026/05/27 12:0 a.m.12 views

Tenable Sensor Proxy < 1.4.0 Multiple Vulnerabilities (TNS-2026-15)

According to its self-reported version, the Tenable Sensor Proxy running on the remote host is prior to 1.4.0. It is, therefore, affected by multiple vulnerabilities as referenced in the TNS-2026-15 advisory. - When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed...

7.5CVSS6.8AI score0.01061EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2025/06/16 12:0 a.m.3 views

TencentOS Server 4: nginx (TSSA-2024:0615)

The version of Tencent Linux installed on the remote TencentOS Server 4 host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the TSSA-2024:0615 advisory. Package updates are available for TencentOS Server 4 that fix the following vulnerabilities...

7.5CVSS7.4AI score0.01061EPSS
Exploits0References3
RedhatCVE
RedhatCVE
added 2024/02/15 6:55 a.m.74 views

CVE-2024-24990

A flaw was found in the nginx HTTP/3 implementation. This issue may allow an attacker to use a specially crafted QUIC session to trigger a use-after-free condition, causing a worker process to crash, leading to a denial of service...

7.5CVSS7AI score0.00914EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2024/02/15 12:0 a.m.41 views

FreeBSD : nginx-devel -- Multiple Vulnerabilities in HTTP/3 (c97a4ecf-cc25-11ee-b0ee-0050569f0b83)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by multiple vulnerabilities as referenced in the c97a4ecf-cc25-11ee-b0ee-0050569f0b83 advisory. - When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed...

7.5CVSS7.6AI score0.01061EPSS
Exploits0References3
Chainguard
Chainguard
added 2024/02/14 5:15 p.m.107 views

CVE-2024-24990 vulnerabilities

Vulnerabilities for packages: nginx-mainline...

7.5CVSS7.1AI score0.00914EPSS
Exploits0
Wolfi
Wolfi
added 2024/02/14 5:15 p.m.39 views

CVE-2024-24990 vulnerabilities

Vulnerabilities for packages: nginx-mainline...

7.5CVSS7.1AI score0.00914EPSS
Exploits0
Cvelist
Cvelist
added 2024/02/14 4:30 p.m.78 views

CVE-2024-24990 NGINX HTTP/3 QUIC vulnerability

When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. Note: The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information, refer to Support for QUIC and HTTP/3...

7.5CVSS7.6AI score0.00914EPSS
Exploits0References2
CVE
CVE
added 2024/02/14 4:30 p.m.435 views

CVE-2024-24990

Summary of CVE-2024-24990 (NGINX HTTP/3 QUIC): The issue affects NGINX Plus and NGINX Open Source when the HTTP/3 QUIC module is enabled. Undisclosed requests can trigger a denial-of-service by causing NGINX worker processes to terminate. In practice, this is a data-plane DoS with no control-plan...

7.5CVSS7.5AI score0.00914EPSS
Exploits0References2Affected Software2
Nginx
Nginx
added 2024/02/14 4:30 p.m.420 views

Use-after-free in HTTP/3

Use-after-free in HTTP/3 Severity: major CVE-2024-24990 Not vulnerable: 1.25.4+ Vulnerable: 1.25.0-1.25.3...

7.5CVSS7.1AI score0.00914EPSS
Exploits0References1Affected Software1
F5 Networks
F5 Networks
added 2024/02/14 1:35 p.m.64 views

K000138445: NGINX HTTP/3 QUIC vulnerability CVE-2024-24990

Security Advisory Description When NGINX Plus or NGINX OSS are configured to use the HTTP/3 QUIC module, undisclosed requests can cause NGINX worker processes to terminate. CVE-2024-24990 Note : The HTTP/3 QUIC module is not enabled by default and is considered experimental. For more information,...

7.5CVSS7.8AI score0.00914EPSS
Exploits0Affected Software2
Rows per page
Query Builder