84 matches found
ROS-20260622-73-0042
The vulnerability of the ngxhttpmp4module in NGINX Plus and NGINX Open Source HTTP servers is related to reading beyond the buffer boundaries in memory. Exploiting this vulnerability can allow an attacker to cause service failures or execute arbitrary code...
ROS-20260508-73-0017
A vulnerability in the ngxhttpmp4module module of NGINX Open Source web servers is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...
CLSA-2026-1776857230 nginx: Fix of CVE-2026-27784
CVE-2026-27784: fix possible integer overflow on 32-bit platforms in ngxhttpmp4module...
Linux Distros Unpatched Vulnerability : CVE-2026-27784
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGIN...
CVE-2026-27784
The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it i...
K000160364: NGINX ngx_http_mp4_module vulnerability CVE-2026-27784
Security Advisory Description The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects...
EUVD-2018-8641
Malware in sbrugna...
EUVD-2022-44912
Malicious code in bioql PyPI...
EUVD-2022-44913
Malicious code in bioql PyPI...
Zimbra Collaboration Server 9.x < 9.0.0 Patch 39, 10.0.x < 10.0.7 Multiple Vulnerabilities
According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities including: - NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 hav...
Exploit for Out-of-bounds Write in F5 Nginx
🛡️ Nginx Vulnerability Scanner Desarrollado por m10sec. E...
Debian dla-4091 : libnginx-mod-http-auth-pam - security update
The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4091 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4091-1 [email protected]...
Linux Distros Unpatched Vulnerability : CVE-2024-7347
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its...
Linux Distros Unpatched Vulnerability : CVE-2022-41742
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R...
Linux Distros Unpatched Vulnerability : CVE-2022-41741
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R...
CBL Mariner 2.0 Security Update: nginx (CVE-2024-7347)
The version of nginx installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7347 advisory. - NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker t...
MGASA-2024-0286 Nginx has been updated to the latest stable release to fix CVE
CVE-2024-7347: NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngxhttpmp4module and...
Nginx has been updated to the latest stable release to fix CVE
CVE-2024-7347: NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngxhttpmp4module and...
Amazon Linux 2023 : nginx, nginx-all-modules, nginx-core (ALAS2023-2024-707)
It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-707 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4...
Amazon Linux 2 : nginx (ALASNGINX1-2024-007)
The version of nginx installed on the remote host is prior to 1.22.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NGINX1-2024-007 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX...