Lucene search
+L

12418 matches found

RedhatCVE
RedhatCVE
added yesterday6 views

CVE-2026-5674

A flaw was found in PipeWire, a multimedia server. This vulnerability allows an attacker to escape sandboxed applications, such as Flatpak, by exploiting PipeWire's PulseAudio compatibility layer. An attacker with minimal permissions within a sandboxed environment can load a malicious library,...

8.8CVSS6.4AI score
Exploits0References3
NVD
NVD
added 2 days ago5 views

CVE-2026-60065

When NGINX Plus is configured to use the Message Queuing Telemetry Transport MQTT filter module ngxstreammqttfiltermodule, unauthenticated attackers can send requests with conditions beyond the attacker's control to cause a heap buffer over-read in the NGINX worker process, leading to a restart...

6.3CVSS0.00265EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago7 views

EUVD-2026-44697

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpslicemodule module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated attackers can send requests that may cause uninitialized memory access in the NGINX...

8.8CVSS6.1AI score0.0061EPSS
Exploits0References1
CVE
CVE
added 2 days ago66 views

CVE-2026-60005

NGINX Plus and NGINX Open Source are affected by a vulnerability in the ngx_http_slice_module. When the slice directive and unnamed regex captures are configured, or during a background cache update, unauthenticated remote attackers can trigger uninitialized memory access in the worker process, p...

8.8CVSS6.1AI score0.0061EPSS
Exploits0References1
ATTACKERKB
ATTACKERKB
added 2 days ago3 views

CVE-2026-56434

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...

8.3CVSS6.1AI score0.00387EPSS
Exploits0References2Affected Software2
Vulnrichment
Vulnrichment
added 2 days ago5 views

CVE-2026-56434 NGINX ngx_http_ssi_module vulnerability

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...

8.3CVSS6.1AI score0.00387EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-44684

NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass, and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker with man-in-the-middle MITM abili...

8.3CVSS6.1AI score0.00387EPSS
Exploits0References1
EUVD
EUVD
added 2 days ago5 views

EUVD-2026-44685

When NGINX Plus is configured to use the Message Queuing Telemetry Transport MQTT filter module ngxstreammqttfiltermodule, unauthenticated attackers can send requests with conditions beyond the attacker's control to cause a heap buffer over-read in the NGINX worker process, leading to a restart...

6.3CVSS6.2AI score0.00265EPSS
Exploits0References1
Cvelist
Cvelist
added 2 days ago35 views

CVE-2026-60065 NGINX Plus ngx_stream_mqtt_filter_module vulnerability

When NGINX Plus is configured to use the Message Queuing Telemetry Transport MQTT filter module ngxstreammqttfiltermodule, unauthenticated attackers can send requests with conditions beyond the attacker's control to cause a heap buffer over-read in the NGINX worker process, leading to a restart...

6.3CVSS0.00265EPSS
Exploits0References1
CVE
CVE
added 2 days ago17 views

CVE-2026-60065

CVE-2026-60065 affects NGINX Plus when the MQTT filter module (ngx_stream_mqtt_filter_module) is enabled. Unauthenticated attackers can send crafted requests to trigger a heap buffer over-read in an NGINX worker process, potentially causing a restart. Impact is limited to data-plane availability ...

6.3CVSS6.2AI score0.00265EPSS
Exploits0References1
CVE
CVE
added 2 days ago61 views

CVE-2026-56434

Summary: CVE-2026-56434 affects the nginx ngx_http_ssi_module in NGINX Plus and NGINX Open Source when SSI, proxy_pass, and proxy_buffering are configured off. An unauthenticated attacker with MITM control over upstream responses can trigger a heap buffer over-read in the nginx worker process, po...

8.3CVSS6.1AI score0.00387EPSS
Exploits0References1
F5 Networks
F5 Networks
added 2 days ago8 views

K000162101: NGINX Plus ngx_stream_mqtt_filter_module vulnerability CVE-2026-60065

Security Advisory Description When NGINX Plus is configured to use the Message Queuing Telemetry Transport MQTT filter module ngxstreammqttfiltermodule, unauthenticated attackers can send requests with conditions beyond the attacker's control to cause a heap buffer over-read in the NGINX worker...

6.3CVSS6.1AI score0.00265EPSS
Exploits0Affected Software5
F5 Networks
F5 Networks
added 2 days ago11 views

K000162100: NGINX ngx_http_slice_module vulnerability CVE-2026-60005

Security Advisory Description NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpslicemodule module. When the slice directive and unnamed regex captures are configured or when a background cache update happens, unauthenticated attackers can send requests that may cause...

8.8CVSS6AI score0.0061EPSS
Exploits0Affected Software7
F5 Networks
F5 Networks
added 2 days ago9 views

K000162098: NGINX ngx_http_ssi_module vulnerability CVE-2026-56434

Security Advisory Description NGINX Plus and NGINX Open Source have a vulnerability in the ngxhttpssimodule module. This vulnerability may exist when the Server-Side Includes SSI, proxypass , and proxybuffering off directives are configured. With this configuration, an unauthenticated attacker wi...

8.3CVSS6.1AI score0.00387EPSS
Exploits0Affected Software7
Positive Technologies
Positive Technologies
added 2 days ago7 views

PT-2026-60206

Name of the Vulnerable Software and Affected Versions NGINX Plus affected versions not specified NGINX Open Source affected versions not specified Description A flaw exists in the ngx http slice module module, which is enabled via the --with-http slice module configuration parameter...

8.8CVSS6.1AI score0.0061EPSS
Exploits0References6
Positive Technologies
Positive Technologies
added 2 days ago6 views

PT-2026-60184

Name of the Vulnerable Software and Affected Versions NGINX Plus affected versions not specified NGINX Open Source affected versions not specified Description A use-after-free issue exists in the ngx http ssi module module. This occurs when Server-Side Includes SSI, proxy pass, and proxy bufferin...

8.3CVSS6.1AI score0.00387EPSS
Exploits0References7
NVD
NVD
added 3 days ago6 views

CVE-2026-62655

A security flaw was found in certain NETGEAR Orbi models that could allow an unauthorized user to cause the device to stop responding or restart unexpectedly, disrupting network connectivity and making the device temporarily unavailable...

7.1CVSS0.00207EPSS
Exploits0References7
Microsoft Security Update
Microsoft Security Update
added 3 days ago78 views

2026-07 Cumulative Update for Windows Server 2022 Datacenter: Azure Edition for x64-based Systems (KB5099540)

A security issue has been identified in a Microsoft software product that could affect your system. You can help protect your system by installing this update from Microsoft. For a complete listing of the issues that are included in this update, see the associated Microsoft Knowledge Base article...

6.1AI score
Exploits0
CVE
CVE
added 3 days ago5 views

CVE-2026-10573

The vulnerability CVE-2026-10573 affects the 1734 POINT I/O module. The issue arises from improper handling of crafted CIP messages, which can cause the module to enter a faulted state. Exploitation leads to a denial-of-service condition, with the module requiring a restart to recover. Connected ...

8.7CVSS6.1AI score0.00253EPSS
Exploits0References1
NVD
NVD
added 2026/07/09 9:16 p.m.18 views

CVE-2026-33799

An Out-of-bounds Write vulnerability in the SNMP daemon snmpd of Juniper Networks Junos OS and Junos OS Evolved allows an authenticated network-based attacker sending specific valid SNMPv3 queries to trigger a memory leak. Over time, continuous receipt of these queries will result in snmpd proces...

5.3CVSS0.00368EPSS
Exploits0References1
Rows per page
Query Builder