Lucene search
+L

40 matches found

fedora
fedora
added 2026/06/27 12:56 a.m.6 views

[SECURITY] Fedora 43 Update: nginx-1.30.3-1.fc43

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

9.2CVSS7AI score0.03552EPSS
Exploits4
osv
osv
added 2026/06/24 12:1 p.m.4 views

RLSA-2026:28921 Important: nginx:1.24 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: ngxhttprewritemodule: code execution and denial of service CVE-2026-9256 For more details about the security issues, including the impac...

8.1CVSS6.3AI score0.04261EPSS
Exploits3References2
almalinux
almalinux
added 2026/06/24 12:0 a.m.6 views

Important: nginx:1.26 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: ngxhttprewritemodule: code execution and denial of service CVE-2026-9256 For more details about the security issues, including the impac...

9.2CVSS6.3AI score0.04261EPSS
Exploits3References4
osv
osv
added 2026/06/24 12:0 a.m.3 views

ALSA-2026:28921 Important: nginx:1.24 security update

nginx is a web and proxy server supporting HTTP and other protocols, with a focus on high concurrency, performance, and low memory usage. Security Fixes: nginx: ngxhttprewritemodule: code execution and denial of service CVE-2026-9256 For more details about the security issues, including the impac...

9.2CVSS6.3AI score0.04261EPSS
Exploits3References4
susecve
susecve
added 2026/06/19 1:52 a.m.9 views

SUSE CVE-2026-42530

NGINX Open Source has a vulnerability in the ngxhttpv3module module. When NGINX Open Source is configured to use the HTTP/3 QUIC module, a remote unauthenticated attacker along with conditions beyond their control can use a specially crafted HTTP/3 session to reopen a QPACK encoder stream. This m...

8.1CVSS6.3AI score0.03225EPSS
Exploits3References3
ibm
ibm
added 2026/06/18 5:57 p.m.41 views

Security Bulletin: Multiple vulnerabilities with the Nginx web server used in IBM Aspera Shares 1.9.2 and earlier

Question Security Bulletin: Multiple vulnerabilities with the Nginx web server used in IBM Aspera Shares 1.9.2 and earlier "Business Unit":"code":"BU059","label":"IBM Software w/o TPS","Product":"code":"SS8NDZ","label":"IBM Aspera","Component":"","Platform":"code":"PF025","label":"Platform...

5.5AI score
Exploits0Affected Software1
redos
redos
added 2026/06/09 12:0 a.m.11 views

ROS-20260609-73-0011

The vulnerability of the ngxhttpcharsetmodule module in NGINX Plus and NGINX Open Source web servers is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow a malicious actor to compromise the confidentiality and accessibility of the protected...

6.3CVSS5.7AI score0.00717EPSS
Exploits0
impervablog
impervablog
added 2026/06/04 3:43 p.m.15 views

Imperva Customers Protected Against CVE-2026-49975 (HTTP/2 Bomb) DoS

TL;DR: CVE-2026-49975, dubbed the “HTTP/2 Bomb,” is a critical remote Denial-of-Service DoS vulnerability affecting default HTTP/2 configurations of major web servers including NGINX, Apache HTTPD, Microsoft IIS, Envoy, and Cloudflare Pingora. Discovered by security firm Calif using OpenAI’s Code...

7.5CVSS5.6AI score0.11471EPSS
Exploits8
mscve
mscve
added 2026/05/16 8:4 a.m.15 views

NGINX ngx_http_ssl_module vulnerability

...

6.3CVSS6AI score0.00677EPSS
Exploits0
mscve
mscve
added 2026/05/16 8:4 a.m.17 views

NGINX ngx_quic_module vulnerability

...

6.9CVSS5.8AI score0.00367EPSS
Exploits0
redhat
redhat
added 2026/05/05 10:38 a.m.15 views

Important: Red Hat Security Advisory: nginx security update

An update for nginx is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

8.8CVSS7.7AI score0.21621EPSS
Exploits0References5
nessus
nessus
added 2026/03/25 12:0 a.m.4 views

Linux Distros Unpatched Vulnerability : CVE-2026-32647

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module module, which might allow an attacker to trigger a buffer over-read or over-write ...

8.5CVSS7.8AI score0.00918EPSS
Exploits0References2
f5
f5
added 2026/03/24 1:46 p.m.12 views

K000160336: Out-of-band Security Notification (March 24, 2026)

Security Advisory Description On March 24, 2026, F5 announced the following security issues. This document is intended to serve as an overview of these vulnerabilities to help determine the impact to your F5 devices. You can find the details of each issue in the associated articles. High CVEs...

8.8CVSS5.8AI score0.21621EPSS
Exploits0
rosalinux
rosalinux
added 2026/03/22 6:23 p.m.13 views

Advisory ROSA-SA-2026-3214

software: nginx 1.26.3 WASP: ROSA-CHROME unaffected versions = nginx-1.26.3-1 affected versions nginx-1.26.3-1 CVE-ID: CVE-2025-23419 BDU-ID: 2025-03281 CVE-Crit: MEDIUM CVE-DESC.: A vulnerability in the TLS 1.3 protocol implementation of the NGINX Plus and NGINX Open Source web servers is relate...

5.3CVSS6.5AI score0.02646EPSS
Exploits0
euvd
euvd
added 2025/10/03 8:7 p.m.7 views

EUVD-2024-43404

Malicious code in bioql PyPI...

7.5CVSS6.5AI score0.0063EPSS
Exploits0References2
nessus
nessus
added 2025/08/20 12:0 a.m.5 views

Linux Distros Unpatched Vulnerability : CVE-2020-24660

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - An issue was discovered in LemonLDAP::NG through 2.0.8, when NGINX is used. An attacker may bypass URL- based access control to protected Virtual Hosts by...

9.8CVSS7.3AI score0.02342EPSS
Exploits1References2
nessus
nessus
added 2025/08/15 12:0 a.m.6 views

FreeBSD : nginx -- worker process memory disclosure (eb03714d-79f0-11f0-b4c1-ac5afc632ba3)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the eb03714d-79f0-11f0-b4c1-ac5afc632ba3 advisory. F5 reports: NGINX Open Source and NGINX Plus have a vulnerability in the ngxmailsmtpmodule that might...

6.3CVSS5.8AI score0.00394EPSS
Exploits0References3
bdu_fstec
bdu_fstec
added 2025/04/16 12:0 a.m.16 views

The vulnerability of the lua-nginx-module in NGINX web servers, related to inconsistent interpretation of HTTP requests, allows attackers to send hidden HTTP requests (HTTP Request Smuggling attack).

The vulnerability of the lua-nginx-module in NGINX web servers is related to inconsistent interpretation of HTTP requests. Exploiting this vulnerability allows a malicious actor to send hidden HTTP requests a type of HTTP Request Smuggling attack...

7.5CVSS7.2AI score0.00721EPSS
Exploits1References4
redhatcve
redhatcve
added 2025/02/24 1:29 p.m.13 views

CVE-2024-13869

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'uploadfiles' function in all versions up to, and including, 0.9.112. This makes it possible for authenticated attackers, with...

7.2CVSS7.7AI score0.02076EPSS
Exploits2References1
euvd
euvd
added 2025/02/22 12:39 p.m.7 views

EUVD-2025-4422

The Migration, Backup, Staging – WPvivid Backup & Migration plugin for WordPress is vulnerable to arbitrary file uploads due to missing file type validation in the 'uploadfiles' function in all versions up to, and including, 0.9.112. This makes it possible for authenticated attackers, with...

7.2CVSS8AI score0.02076EPSS
Exploits2References6
Rows per page
Query Builder