Lucene search

90 matches found

Nginx
added 2026/06/17 2:4 p.m. | 45 views

Buffer overflow in the ngx_http_proxy_v2_module and ngx_http_grpc_module

Buffer overflow in the ngx_http_proxy_v2_module and ngx_http_grpc_module Severity: medium CVE-2026-42055 Not vulnerable: 1.31.2+, 1.30.3+ Vulnerable: 1.13.10-1.31.1...

9.2 CVSS | 5.3 AI score | 0.02887 EPSS
Exploits: 1 | References: 1 | Affected Software: 1
Nginx
added 2026/05/22 2:11 p.m. | 329 views

Buffer overflow in the ngx_http_rewrite_module

Buffer overflow in the ngx_http_rewrite_module Severity: medium CVE-2026-9256 Not vulnerable: 1.31.1+, 1.30.2+ Vulnerable: 0.1.17-1.31.0...

9.2 CVSS | 5.8 AI score | 0.04261 EPSS
Exploits: 3 | References: 1 | Affected Software: 1
Nginx
added 2026/05/13 2:12 p.m. | 43 views

HTTP/3 address spoofing

HTTP/3 address spoofing Severity: medium CVE-2026-40460 Not vulnerable: 1.31.0+, 1.30.1+ Vulnerable: 1.25.0-1.30.0...

6.9 CVSS | 5.8 AI score | 0.00367 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Nginx
added 2026/05/13 2:12 p.m. | 43 views

Buffer overread in the ngx_http_charset_module

Buffer overread in the ngx_http_charset_module Severity: low CVE-2026-42934 Not vulnerable: 1.31.0+, 1.30.1+ Vulnerable: 0.3.50-1.30.0...

6.3 CVSS | 5.8 AI score | 0.00717 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Nginx
added 2026/05/13 2:12 p.m. | 220 views

Buffer overflow in the ngx_http_rewrite_module

Buffer overflow in the ngx_http_rewrite_module Severity: medium CVE-2026-42945 Not vulnerable: 1.31.0+, 1.30.1+ Vulnerable: 0.6.27-1.30.0...

9.2 CVSS | 5.9 AI score | 0.61469 EPSS
Exploits: 40 | References: 1 | Affected Software: 1
OSV
added 2026/04/27 6:33 p.m. | 8 views

JLSEC-2026-214 Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel...

Normally in OpenSSL EC groups always have a co-factor present and this is used in side channel resistant code paths. However, in some cases, it is possible to construct a group using explicit parameters instead of using a named curve. In those cases it is possible that such a group does not have...

4.7 CVSS | 6.5 AI score | 0.01188 EPSS
Exploits: 0 | References: 52
EUVD
added 2026/03/25 3:31 p.m. | 5 views

EUVD-2026-15404

When a certificate and its private key are installed in the Windows machine certificate store using Network and Security tool, access rights to the private key are unnecessarily granted to the operator group. Installations based on Panorama Suite 2025 25.00.004 are vulnerable unless...

6.8 CVSS | 5.8 AI score | 0.00122 EPSS
Exploits: 0 | References: 2
Nginx
added 2026/03/24 2:13 p.m. | 335 views

NULL pointer dereference while using CRAM-MD5 or APOP

NULL pointer dereference while using CRAM-MD5 or APOP Severity: low CVE-2026-27651 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 0.5.15-1.29.6...

8.7 CVSS | 5.8 AI score | 0.00921 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Nginx
added 2026/03/24 2:13 p.m. | 728 views

Buffer overflow in ngx_http_dav_module

Buffer overflow in ngx_http_dav_module Severity: medium CVE-2026-27654 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 0.5.13-1.29.6...

8.8 CVSS | 5.8 AI score | 0.21621 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Nginx
added 2026/03/24 2:13 p.m. | 163 views

Injection in auth_http and XCLIENT

Injection in auth_http and XCLIENT Severity: medium CVE-2026-28753 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 0.6.27-1.29.6...

6.3 CVSS | 5.8 AI score | 0.00264 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
EUVD
added 2025/10/03 8:7 p.m. | 3 views

EUVD-2025-3157

Malicious code in bioql PyPI...

6.1 CVSS | 6.3 AI score | 0.00347 EPSS
Exploits: 0 | References: 3
Nginx
added 2024/08/14 2:32 p.m. | 1853 views

Buffer overread in the ngx_http_mp4_module

Buffer overread in the ngx_http_mp4_module Severity: low CVE-2024-7347 Not vulnerable: 1.27.1+, 1.26.2+ Vulnerable: 1.5.13-1.27.0...

5.7 CVSS | 5.1 AI score | 0.0032 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Nginx
added 2024/05/29 4:2 p.m. | 399 views

NULL pointer dereference in HTTP/3

NULL pointer dereference in HTTP/3 Severity: medium CVE-2024-35200 Not vulnerable: 1.27.0+, 1.26.1+ Vulnerable: 1.25.0-1.25.5, 1.26.0...

5.3 CVSS | 7.1 AI score | 0.00917 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Nginx
added 2024/05/29 4:2 p.m. | 254 views

Stack overflow and use-after-free in HTTP/3

Stack overflow and use-after-free in HTTP/3 Severity: medium CVE-2024-31079 Not vulnerable: 1.27.0+, 1.26.1+ Vulnerable: 1.25.0-1.25.5, 1.26.0...

4.8 CVSS | 7.5 AI score | 0.00872 EPSS
Exploits: 0 | References: 1 | Affected Software: 1
Atlassian
added 2024/03/21 6:45 p.m. | 154 views

Jira - CVE-2024-22243

h3. Issue Summary We have several Customers waiting for a response about the vulnerability CVE-2024-22243|https://nvd.nist.gov/vuln/detail/CVE-2024-22243, if it affects Atlassian products, in particular, Jira Data Center. h3. Steps to Reproduce Run Generic Security Scan Tool h3. Expected Results...

8.1 CVSS | 6.5 AI score | 0.03967 EPSS
Exploits: 1 | Affected Software: 1
OSV
added 2024/01/29 12:15 p.m. | 3 views

CVE-2023-5378

Improper Input Validation vulnerability in MegaBIP and already unsupported SmodBIP software allows for Stored XSS. This issue affects SmodBIP in all versions and MegaBIP in versions up to 4.36.2. MegaBIP 5.08 was tested and is not vulnerable. A precise range of vulnerable versions remains unknown...

5.4 CVSS | 5.7 AI score | 0.00527 EPSS
Exploits: 0 | References: 4
0day.today
added 2024/01/29 12:0 a.m. | 561 views

Atlassian Confluence SSTI Injection Exploit

This Metasploit module exploits an SSTI injection in Atlassian Confluence servers. A specially crafted HTTP request uses the injection to evaluate an OGNL expression resulting in OS command execution. Versions 8.5.0 through 8.5.3 and 8.0 to 8.4 are known to be vulnerable. This module requires...

9.8 CVSS | 7.6 AI score | 0.99984 EPSS
Exploits: 31
IBM Security Bulletins
added 2023/06/27 6:57 p.m. | 37 views

Security Bulletin: FileNet Content Manager (FNCM) FileNet Content Search Services (CSS) ThoughtWorks XStream security vulnerabilities, affected, not vulnerable

Summary Security vulnerability in FileNet Content Manager FNCM FileNet Content Search Services CSS ThoughtWorks XStream, affected, not vulnerable. Vulnerability Details CVEID:CVE-2022-41966 DESCRIPTION: XStream is vulnerable to a denial of service, caused by a stack-based buffer overflow. By...

8.2 CVSS | 7.6 AI score | 0.08689 EPSS
Exploits: 1 | Affected Software: 1
IBM Security Bulletins
added 2023/02/28 1:12 a.m. | 127 views

Security Bulletin: IBM FlashSystem 710, 720, 810, and 820 systems and RamSan 710, 720, 810, and 820 systems are not affected by the Bash vulnerabilities (CVE-2014-6271, CVE-2014-7169, CVE-2014-7186, CVE-2014-7187, CVE-2014-6277, and CVE-2014-6278) Flash

Summary IBM FlashSystem 710, 720, 810, and 820 systems and RamSan 710, 720, 810, and 820 systems are not vulnerable to the Bash vulnerabilities that have been referred to as “Bash Bug” or “Shellshock” and the two memory corruption vulnerabilities. Vulnerability Details IBM FlashSystem 710, 720,...

10 CVSS | 8.5 AI score | 0.99999 EPSS
Exploits: 157 | Affected Software: 5
F5 Networks
added 2023/02/21 7:4 p.m. | 31 views

K16827: Apache Struts vulnerability CVE-2015-1831

Security Advisory Description Description Incorrect default exclude patterns were introduced in version 2.3.20 of Struts, if default settings are used, the attacker can compromise internal application's state. CVE-2015-1831 Impact There is no impact; F5 products are not affected by this...

7.5 CVSS | 6.5 AI score | 0.06312 EPSS
Exploits: 0