Lucene search
K

430 matches found

Tenable Nessus
Tenable Nessus
added 2026/06/11 12:0 a.m.11 views

AlmaLinux 10 : openssl (ALSA-2026:25237)

The remote AlmaLinux 10 host has packages installed that are affected by multiple vulnerabilities as referenced in the ALSA-2026:25237 advisory. openssl: OpenSSL: Heap buffer overflow due to signed integer overflow in Unicode output sizing CVE-2026-7383 openssl: OpenSSL: Denial of Service due to...

9.1CVSS5.9AI score0.02719EPSS
Exploits0References17
Tenable Nessus
Tenable Nessus
added 2026/06/06 12:0 a.m.25 views

RHEL 8 : httpd:2.4 (RHSA-2026:22140)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2026:22140 advisory. The httpd packages provide the Apache HTTP Server, a powerful, efficient, and extensible web server. Security Fixes: httpd: Apache HTTP...

9.8CVSS6.4AI score0.04409EPSS
Exploits1References14
CNNVD
CNNVD
added 2026/06/02 12:0 a.m.8 views

OpenTelemetry eBPF Instrumentation 安全漏洞

OpenTelemetry eBPF Instrumentation is an open-source eBPF-based lightweight telemetry data collection tool developed by OpenTelemetry. There were security vulnerabilities in the version of OpenTelemetry eBPF Instrumentation from 0.7.0 to 0.9.0. These vulnerabilities stemmed from the log enhancer’...

5.3CVSS5.4AI score0.00172EPSS
Exploits1References2
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.16 views

SUSE SLES16 Security Update : nginx (SUSE-SU-2026:21832-1)

The remote SUSE Linux SLES16 / SLESSAP16 host has packages installed that are affected by multiple vulnerabilities as referenced in the SUSE-SU-2026:21832-1 advisory. This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the...

9.2CVSS9AI score0.61469EPSS
Exploits40References19
Tenable Nessus
Tenable Nessus
added 2026/05/29 12:0 a.m.20 views

openSUSE 16 Security Update : nginx (openSUSE-SU-2026:20796-1)

The remote openSUSE 16 host has packages installed that are affected by multiple vulnerabilities as referenced in the openSUSE-SU-2026:20796-1 advisory. This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the ngxmailauthhttpmodule is...

9.2CVSS9AI score0.61469EPSS
Exploits40References18
SUSE Linux
SUSE Linux
added 2026/05/25 1:58 p.m.23 views

Security update for nginx

This update for nginx fixes the following issues CVE-2026-27651: denial of service via undisclosed requests when the ngxmailauthhttpmodule is enabled bsc1260415. CVE-2026-32647: NGINX worker memory over-read or over-write via a specially crafted MP4 file bsc1260420. CVE-2026-40701: heap...

8.6CVSS7.6AI score0.61469EPSS
Exploits40References24
OSV
OSV
added 2026/05/25 1:58 p.m.11 views

SUSE-SU-2026:2050-1 Security update for nginx

This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the ngxmailauthhttpmodule is enabled bsc1260415. - CVE-2026-32647: NGINX worker memory over-read or over-write via a specially crafted MP4 file bsc1260420. - CVE-2026-40701: heap...

9.2CVSS7.6AI score0.61469EPSS
Exploits40References13
OSV
OSV
added 2026/05/25 7:42 a.m.8 views

OPENSUSE-SU-2026:20796-1 Security update for nginx

This update for nginx fixes the following issues - CVE-2026-27651: denial of service via undisclosed requests when the ngxmailauthhttpmodule is enabled bsc1260415. - CVE-2026-32647: NGINX worker memory over-read or over-write via a specially crafted MP4 file bsc1260420. - CVE-2026-40701: heap...

9.2CVSS7.6AI score0.61469EPSS
Exploits40References12
AstraLinux
AstraLinux
added 2026/05/20 5:53 a.m.8 views

Astra Linux – Vulnerability in Linux, Linux 5.10

A flaw was discovered in the Linux kernel’s driver for ASIX AX88179178A-based USB 2.0/3.0 Gigabit Ethernet devices. The vulnerability involves multiple out-of-bounds reads and possible out-of-bounds writes...

7.8CVSS6.7AI score0.00294EPSS
Exploits0References2
Redos
Redos
added 2026/05/20 12:0 a.m.15 views

ROS-20260520-73-0032

A vulnerability in the CSS component of the Google Chrome browser is related to reading data outside of buffer boundaries in memory. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service using a specially crafted HTML page...

8.8CVSS7.6AI score0.00454EPSS
Exploits0
OSV
OSV
added 2026/05/19 5:20 p.m.7 views

OPENSUSE-SU-2026:20784-1 Security update for nginx

This update for nginx fixes the following issues: - CVE-2026-1642: plain text data injection into the response from an upstream proxied server bsc1257675. - CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. - CVE-2026-27784: NGINX worker memor...

8.8CVSS7.7AI score0.21621EPSS
Exploits0References10
OSV
OSV
added 2026/05/19 5:20 p.m.10 views

SUSE-SU-2026:21823-1 Security update for nginx

This update for nginx fixes the following issues: - CVE-2026-1642: plain text data injection into the response from an upstream proxied server bsc1257675. - CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. - CVE-2026-27784: NGINX worker memor...

8.8CVSS7.7AI score0.21621EPSS
Exploits0References11
Github Security Blog
Github Security Blog
added 2026/05/18 8:11 p.m.16 views

OpenTelemetry eBPF Instrumentation: CPU-mismatch fallback uses 256-byte buffer with 8KB size

Summary The per-CPU message-buffer fallback path uses a 256-byte backup buffer but preserves the original payload size, which can be up to 8KB. If a CPU mismatch occurs, OBI can read beyond the fallback buffer and leak adjacent memory into telemetry. Details...

5.9CVSS5.9AI score0.00287EPSS
Exploits1References4Affected Software1
SUSE Linux
SUSE Linux
added 2026/05/18 7:53 a.m.8 views

Security update for nginx

This update for nginx fixes the following issues Security issues: CVE-2026-1642: plain text data injection into the response from an upstream proxied server bsc1257675. CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. CVE-2026-27784: NGINX...

8.3CVSS7.7AI score0.21621EPSS
Exploits0References18
OSV
OSV
added 2026/05/18 7:53 a.m.4 views

SUSE-SU-2026:1953-1 Security update for nginx

This update for nginx fixes the following issues Security issues: - CVE-2026-1642: plain text data injection into the response from an upstream proxied server bsc1257675. - CVE-2026-27654: buffer overflow in the NGINX worker process via the ngxhttpdavmodule module bsc1260416. - CVE-2026-27784:...

8.8CVSS7.7AI score0.21621EPSS
Exploits0References10
Positive Technologies
Positive Technologies
added 2026/05/18 12:0 a.m.13 views

PT-2026-41786

Name of the Vulnerable Software and Affected Versions OpenTelemetry eBPF Instrumentation versions prior to 0.9.0 Description The per-CPU message-buffer fallback path uses a 256-byte backup buffer but preserves the original payload size, which can reach up to 8KB. If a CPU mismatch occurs between...

5.9CVSS5.9AI score0.00287EPSS
Exploits1References6
OSV
OSV
added 2026/05/15 8:50 a.m.7 views

BIT-NGINX-GATEWAY-2026-42946 NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability

A vulnerability exists in the ngxhttpscgimodule and ngxhttpuwsgimodule modules that may result in excessive memory allocation or an over-read of data. When scgipass or uwsgipass is configured, an unauthenticated attacker with man-in-the-middle MITM ability to control responses from an upstream...

8.3CVSS6AI score0.00932EPSS
Exploits0References2
OSV
OSV
added 2026/05/15 8:50 a.m.5 views

BIT-NGINX-2026-42946 NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability

A vulnerability exists in the ngxhttpscgimodule and ngxhttpuwsgimodule modules that may result in excessive memory allocation or an over-read of data. When scgipass or uwsgipass is configured, an unauthenticated attacker with man-in-the-middle MITM ability to control responses from an upstream...

8.3CVSS6AI score0.00932EPSS
Exploits0References2
SUSE CVE
SUSE CVE
added 2026/05/14 3:1 a.m.12 views

SUSE CVE-2026-42946

A vulnerability exists in the ngxhttpscgimodule and ngxhttpuwsgimodule modules that may result in excessive memory allocation or an over-read of data. When scgipass or uwsgipass is configured, an unauthenticated attacker with man-in-the-middle MITM ability to control responses from an upstream...

6.5CVSS5.8AI score0.00932EPSS
Exploits0References6
Tenable Nessus
Tenable Nessus
added 2026/05/14 12:0 a.m.7 views

Linux Distros Unpatched Vulnerability : CVE-2026-42946

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A vulnerability exists in the ngxhttpscgimodule and ngxhttpuwsgimodule modules that may result in excessive memory allocation or an over-read of data. When...

8.3CVSS5.9AI score0.00932EPSS
Exploits0References2
Rows per page
Query Builder