94 matches found
SUSE SLES15 Security Update : nginx (SUSE-SU-2026:2050-1)
The remote SUSE Linux SLES15 / SLESSAP15 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:2050-1 advisory. This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the...
nginx security update
2:1.26.3-2.0.1.el101.2 - Reference oracle-indexhtml within Requires Orabug: 33802044 2:1.26.3-8 - Fix release number 2:1.26.3-7 - Resolves: RHEL-176217 - nginx: NGINX: Arbitrary Code 2:1.26.3-6 - Resolves: RHEL-157874 CVE-2026-32647 nginx: NGINX: Denial of Service or Code Execution via specially...
USN-8210-1 nginx vulnerabilities
It was discovered that the nginx ngxmailauthhttpmodule module incorrectly handled certain requests. An attacker could possibly use this issue to cause nginx to crash, resulting in a denial of service. CVE-2026-27651 It was discovered that the nginx ngxhttpdavmodule module incorrectly handled...
Unity Linux 20.1050e / 20.1060e / 20.1070e Security Update: nginx (UTSA-2026-014274)
The Unity Linux 20 host has a package installed that is affected by a vulnerability as referenced in the UTSA-2026-014274 advisory. NGINX Plus and NGINX Open Source have a vulnerability in the ngxmailsmtpmodule module due to the improper handling of CRLF sequences in DNS responses. This allows an...
DEBIAN-CVE-2026-28753
NGINX Plus and NGINX Open Source have a vulnerability in the ngxmailsmtpmodule module due to the improper handling of CRLF sequences in DNS responses. This allows an attacker-controlled DNS server to inject arbitrary headers into SMTP upstream requests, leading to potential request manipulation...
CVE-2026-27651 NGINX ngx_mail_auth_http_module vulnerability
When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by returning the Auth-Wait...
CVE-2026-28753 NGINX ngx_mail_proxy_module vulnerability
NGINX Plus and NGINX Open Source have a vulnerability in the ngxmailsmtpmodule module due to the improper handling of CRLF sequences in DNS responses. This allows an attacker-controlled DNS server to inject arbitrary headers into SMTP upstream requests, leading to potential request manipulation...
K000160367: NGINX ngx_mail_smtp_module vulnerability CVE-2026-28753
Security Advisory Description NGINX Plus and NGINX Open Source have a vulnerability in the ngxmailsmtpmodule module due to the improper handling of CRLF sequences in DNS responses. This allows an attacker-controlled DNS server to inject arbitrary headers into SMTP upstream requests, leading to...
CVE-2020-37141
AMSS++ version 4.31 contains a SQL injection vulnerability in the mail module's maildetail.php script through the 'id' parameter. Attackers can manipulate the 'id' parameter in /modules/mail/main/maildetail.php to inject malicious SQL queries and potentially access or modify database contents...
CVE-2020-37141
AMSS++ version 4.31 contains a SQL injection vulnerability in the mail module's maildetail.php script through the 'id' parameter. Attackers can manipulate the 'id' parameter in /modules/mail/main/maildetail.php to inject malicious SQL queries and potentially access or modify database contents...
AMSS++ SQL注入漏洞
AMSS++ is a tool within the Amssplus office management support system. Version 4.31 of AMSS++ has a SQL injection vulnerability. This vulnerability stems from the SQL injection in the id parameter of the modules/mail/main/maildetail.php script, which could allow attackers to access or modify...
CVE-2020-37141 AMSS++ v 4.31 - 'id' SQL Injection
AMSS++ version 4.31 contains a SQL injection vulnerability in the mail module's maildetail.php script through the 'id' parameter. Attackers can manipulate the 'id' parameter in /modules/mail/main/maildetail.php to inject malicious SQL queries and potentially access or modify database contents...
CVE-2020-37141 AMSS++ v 4.31 - 'id' SQL Injection
AMSS++ version 4.31 contains a SQL injection vulnerability in the mail module's maildetail.php script through the 'id' parameter. Attackers can manipulate the 'id' parameter in /modules/mail/main/maildetail.php to inject malicious SQL queries and potentially access or modify database contents...
CVE-2020-37141
AMSS++ v4.31 contains a SQL injection in the mail module, specifically in maildetail.php via the id parameter. The vulnerability could allow an attacker to manipulate SQL queries and access/modify database contents. According to Red Hat and PT- Security entries, remediation centers on updating to...
PT-2026-6819
Name of the Vulnerable Software and Affected Versions AMSS++ version 4.31 Description AMSS++ version 4.31 has a SQL injection issue in the mail module’s maildetail.php script. The issue is present through the id parameter. An attacker can manipulate the id parameter in the...
MGASA-2025-0245 Updated nginx package fixes security vulnerability
It was discovered that nginx contains a security issue in the ngxmailsmtpmodule which might allow an attacker to cause buffer over-read potentially resulting in sensitive information leak in a HTTP request to the authentication server CVE-2025-53859...
EUVD-2019-3450
Malware in sbrugna...
EUVD-2015-1514
Malware in sbrugna...
EUVD-2025-24579
Malicious code in bioql PyPI...
NGINX ngx_mail_smtp_module vulnerability
...