Lucene search
+L

11 matches found

cve
cve
added 2026/06/16 6:40 p.m.35 views

CVE-2026-48777

CVE-2026-48777 — FileBrowser Quantum has a path-traversal in the public share PATCH endpoint. Versions prior to 1.3.2-stable, 1.4.0-beta, and 1.4.1-beta allow an attacker with a public share link that has AllowModify=true to move, copy, or rename files outside the share root by abusing publicPatc...

9.3CVSS5.4AI score0.00446EPSS
Exploits0References3
redhat
redhat
added 2026/05/11 8:53 a.m.11 views

NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module

A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngxhttpdavmodule module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to...

8.8CVSS6AI score0.21621EPSS
Exploits0References5
amazon
amazon
added 2026/04/13 12:0 a.m.15 views

Important: nginx

Issue Overview: When the ngxmailauthhttpmodule module is enabled on NGINX Plus or NGINX Open Source, undisclosed requests can cause worker processes to terminate. This issue may occur when 1 CRAM-MD5 or APOP authentication is enabled, and 2 the authentication server permits retry by returning the...

8.8CVSS6.3AI score0.21621EPSS
Exploits0
redhat
redhat
added 2026/04/07 8:50 p.m.6 views

NGINX: NGINX: Denial of Service or file modification via buffer overflow in ngx_http_dav_module

A flaw was found in NGINX. A remote attacker can exploit a buffer overflow vulnerability within the ngxhttpdavmodule module. This occurs when the NGINX configuration uses DAV module MOVE or COPY methods in conjunction with prefix location and alias directives. Successful exploitation may lead to...

8.8CVSS6AI score0.21621EPSS
Exploits0References5
osv
osv
added 2026/03/27 7:10 a.m.3 views

BIT-NGINX-GATEWAY-2026-27654 NGINX ngx_http_dav_module vulnerability

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpdavmodule module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

8.8CVSS6.1AI score0.21621EPSS
Exploits0References20
susecve
susecve
added 2026/03/25 12:27 a.m.6 views

SUSE CVE-2026-27654

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpdavmodule module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

8.2CVSS6.1AI score0.21621EPSS
Exploits0References11
euvd
euvd
added 2026/03/24 3:30 p.m.4 views

EUVD-2026-14881

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpdavmodule module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

8.8CVSS6.1AI score0.21621EPSS
Exploits0References2
osv
osv
added 2026/03/24 3:16 p.m.2 views

DEBIAN-CVE-2026-27654

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpdavmodule module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

8.8CVSS5.9AI score0.21621EPSS
Exploits0References1
osv
osv
added 2026/03/24 3:16 p.m.3 views

CVE-2026-27654

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpdavmodule module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

8.8CVSS7.4AI score0.21621EPSS
Exploits0References19
debiancve
debiancve
added 2026/03/24 2:13 p.m.4 views

CVE-2026-27654

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpdavmodule module that might allow an attacker to trigger a buffer overflow to the NGINX worker process; this vulnerability may result in termination of the NGINX worker process or modification of source or destination file names...

8.8CVSS5.9AI score0.21621EPSS
Exploits0
openvas
openvas
added 2022/01/28 12:0 a.m.18 views

Mageia: Security Advisory (MGASA-2019-0214)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

8.1CVSS6.8AI score0.0184EPSS
Exploits0References4
Rows per page
Query Builder