Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6 matches found

RedHat Linux
RedHat Linuxadded 2026/05/07 7:8 p.m.3 views

NGINX: NGINX: Denial of Service due to memory corruption via crafted MP4 file

A flaw was found in NGINX Open Source, specifically within the ngxhttpmp4module. An attacker can exploit this memory corruption vulnerability by providing a specially crafted MP4 file. This can lead to an over-read or over-write of NGINX worker memory, causing the worker to terminate and resultin...

8.5CVSS5.8AI score0.00017EPSS
Exploits0References5
RedHat Linux
RedHat Linuxadded 2026/04/07 8:50 p.m.1 views

nginx: NGINX: Denial of Service or Code Execution via specially crafted MP4 files

A flaw was found in NGINX's ngxhttpmp4module. This Out-of-Bounds Read/Write vulnerability occurs due to improper handling of specially crafted MP4 files. A local authenticated attacker, by supplying a malicious MP4 file, can trigger a buffer over-read or overwrite in worker memory. This can lead ...

8.5CVSS7.5AI score0.00026EPSS
Exploits0References5
EUVD
EUVDadded 2026/03/24 3:30 p.m.1 views

EUVD-2026-14897

NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write to the NGINX worker memory resulting in its termination or possibly code execution, using a specially crafted MP4 file. This issue affect...

8.5CVSS6.1AI score0.00026EPSS
Exploits0References2
RedHat Linux
RedHat Linuxadded 2025/05/14 2:4 a.m.3 views

nginx: Memory disclosure in the ngx_http_mp4_module

A vulnerability was found in NGINX’s module, ngxhttpmp4module. This flaw allows a local attacker to cause a worker process crash or might result in worker process memory disclosure by using a specially crafted audio or video file. The issue affects only NGINX products built with ngxhttpmp4module...

7.1CVSS7.3AI score0.00086EPSS
Exploits2References5
OSV
OSVadded 2024/10/08 2:18 p.m.0 views

USN-7014-2 nginx vulnerability

USN-7014-1 fixed a vulnerability in nginx. This update provides the corresponding updates for Ubuntu 16.04 LTS and Ubuntu 18.04 LTS. Original advisory details: It was discovered that the nginx ngxhttpmp4 module incorrectly handled certain malformed mp4 files. In environments where the mp4 directi...

5.7CVSS6.7AI score0.00202EPSS
Exploits0References2
SUSE CVE
SUSE CVEadded 2023/02/15 4:24 a.m.1 views

SUSE CVE-2018-16845

nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngxhttpmp4module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. The issue only affec...

8.2CVSS6.7AI score0.03918EPSS
Exploits1References7
Rows per page
Query Builder