ROS-20260508-73-0017

A vulnerability in the ngxhttpmp4module module of NGINX Open Source web servers is related to integer overflow. Exploitation of the vulnerability could allow an attacker to cause a denial of service...

CLSA-2026-1776857230 nginx: Fix of CVE-2026-27784

CVE-2026-27784: fix possible integer overflow on 32-bit platforms in ngxhttpmp4module...

Linux Distros Unpatched Vulnerability : CVE-2026-27784

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGIN...

CVE-2026-27784

The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects 32-bit NGINX Open Source if it i...

K000160364: NGINX ngx_http_mp4_module vulnerability CVE-2026-27784

Security Advisory Description The 32-bit implementation of NGINX Open Source has a vulnerability in the ngxhttpmp4module module, which might allow an attacker to over-read or over-write NGINX worker memory resulting in its termination, using a specially crafted MP4 file. The issue only affects...

EUVD-2018-8641

Malware in sbrugna...

EUVD-2022-44912

Malicious code in bioql PyPI...

EUVD-2022-44913

Malicious code in bioql PyPI...

Zimbra Collaboration Server 9.x < 9.0.0 Patch 39, 10.0.x < 10.0.7 Multiple Vulnerabilities

According to its self-reported version number, Zimbra Collaboration Server is affected by multiple vulnerabilities including: - NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1 hav...

Exploit for Out-of-bounds Write in F5 Nginx

🛡️ Nginx Vulnerability Scanner Desarrollado por m10sec. E...

Debian dla-4091 : libnginx-mod-http-auth-pam - security update

The remote Debian 11 host has packages installed that are affected by multiple vulnerabilities as referenced in the dla-4091 advisory. - ------------------------------------------------------------------------- Debian LTS Advisory DLA-4091-1 [email protected]...

Linux Distros Unpatched Vulnerability : CVE-2024-7347

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its...

Linux Distros Unpatched Vulnerability : CVE-2022-41741

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R...

Linux Distros Unpatched Vulnerability : CVE-2022-41742

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R...

CBL Mariner 2.0 Security Update: nginx (CVE-2024-7347)

The version of nginx installed on the remote CBL Mariner 2.0 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the CVE-2024-7347 advisory. - NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker t...

MGASA-2024-0286 Nginx has been updated to the latest stable release to fix CVE

CVE-2024-7347: NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngxhttpmp4module and...

Nginx has been updated to the latest stable release to fix CVE

CVE-2024-7347: NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4 file. The issue only affects NGINX if it is built with the ngxhttpmp4module and...

Amazon Linux 2 : nginx (ALASNGINX1-2024-007)

The version of nginx installed on the remote host is prior to 1.22.1-1. It is, therefore, affected by a vulnerability as referenced in the ALAS2NGINX1-2024-007 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX...

Amazon Linux 2023 : nginx, nginx-all-modules, nginx-core (ALAS2023-2024-707)

It is, therefore, affected by a vulnerability as referenced in the ALAS2023-2024-707 advisory. NGINX Open Source and NGINX Plus have a vulnerability in the ngxhttpmp4module, which might allow an attacker to over-read NGINX worker memory resulting in its termination, using a specially crafted mp4...

FreeBSD : nginx -- Vulnerability in the ngx_http_mp4_module (addc71b8-6024-11ef-86a1-8c164567ca3c)

The version of FreeBSD installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the addc71b8-6024-11ef-86a1-8c164567ca3c advisory. The nginx development team reports: This update fixes the buffer overread vulnerability in the...