59 matches found
SSL session reuse vulnerability
SSL session reuse vulnerability Severity: medium CVE-2025-23419 Not vulnerable: 1.27.4+, 1.26.3+ Vulnerable: 1.11.4-1.27.3...
1-byte memory overwrite in resolver
1-byte memory overwrite in resolver Severity: medium CVE-2021-23017 Not vulnerable: 1.21.0+, 1.20.1+ Vulnerable: 0.6.18-1.20.0...
Buffer overread in the ngx_http_mp4_module
Buffer overread in the ngxhttpmp4module Severity: low CVE-2024-7347 Not vulnerable: 1.27.1+, 1.26.2+ Vulnerable: 1.5.13-1.27.0...
Memory corruption in the ngx_http_mp4_module
Memory corruption in the ngxhttpmp4module Severity: medium CVE-2022-41741 Not vulnerable: 1.23.2+, 1.22.1+ Vulnerable: 1.1.3-1.23.1, 1.0.7-1.0.15...
Buffer overread in the ngx_mail_smtp_module
Buffer overread in the ngxmailsmtpmodule Severity: low CVE-2025-53859 Not vulnerable: 1.29.1+ Vulnerable: 0.7.22-1.29.0...
Memory disclosure in the ngx_http_mp4_module
Memory disclosure in the ngxhttpmp4module Severity: medium CVE-2022-41742 Not vulnerable: 1.23.2+, 1.22.1+ Vulnerable: 1.1.3-1.23.1, 1.0.7-1.0.15...
SPDY heap buffer overflow
SPDY heap buffer overflow Severity: major CVE-2014-0133 Not vulnerable: 1.5.12+, 1.4.7+ Vulnerable: 1.3.15-1.5.11...
SSL upstream injection
SSL upstream injection Severity: medium CVE-2026-1642 Not vulnerable: 1.29.5+, 1.28.2+ Vulnerable: 1.3.0-1.29.4...
Buffer overflow in ngx_http_dav_module
Buffer overflow in ngxhttpdavmodule Severity: medium CVE-2026-27654 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 0.5.13-1.29.6...
Excessive memory usage in HTTP/2 with zero length headers
Excessive memory usage in HTTP/2 with zero length headers Severity: low CVE-2019-9516 Not vulnerable: 1.17.3+, 1.16.1+ Vulnerable: 1.9.5-1.17.2...
Use-after-free during CNAME response processing in resolver
Use-after-free during CNAME response processing in resolver Severity: medium CVE-2016-0746 Not vulnerable: 1.9.10+, 1.8.1+ Vulnerable: 0.6.18-1.9.9...
Excessive CPU usage in HTTP/2
Excessive CPU usage in HTTP/2 Severity: low CVE-2018-16844 Not vulnerable: 1.15.6+, 1.14.1+ Vulnerable: 1.9.5-1.15.5...
Excessive memory usage in HTTP/2
Excessive memory usage in HTTP/2 Severity: low CVE-2018-16843 Not vulnerable: 1.15.6+, 1.14.1+ Vulnerable: 1.9.5-1.15.5...
Excessive CPU usage in HTTP/2 with priority changes
Excessive CPU usage in HTTP/2 with priority changes Severity: low CVE-2019-9513 Not vulnerable: 1.17.3+, 1.16.1+ Vulnerable: 1.9.5-1.17.2...
Memory disclosure in the ngx_http_mp4_module
Memory disclosure in the ngxhttpmp4module Severity: medium CVE-2018-16845 Not vulnerable: 1.15.6+, 1.14.1+ Vulnerable: 1.1.3-1.15.5, 1.0.7-1.0.15...
Integer overflow in the range filter
Integer overflow in the range filter Severity: medium CVE-2017-7529 Not vulnerable: 1.13.3+, 1.12.1+ Vulnerable: 0.5.6-1.13.2...
Excessive CPU usage in HTTP/2 with small window updates
Excessive CPU usage in HTTP/2 with small window updates Severity: medium CVE-2019-9511 Not vulnerable: 1.17.3+, 1.16.1+ Vulnerable: 1.9.5-1.17.2...
Buffer overwrite in HTTP/3
Buffer overwrite in HTTP/3 Severity: medium CVE-2024-32760 Not vulnerable: 1.27.0+, 1.26.1+ Vulnerable: 1.25.0-1.25.5, 1.26.0...
NULL pointer dereference in HTTP/3
NULL pointer dereference in HTTP/3 Severity: major CVE-2024-24989 Not vulnerable: 1.25.4+ Vulnerable: 1.25.3...
Use-after-free in HTTP/3
Use-after-free in HTTP/3 Severity: major CVE-2024-24990 Not vulnerable: 1.25.4+ Vulnerable: 1.25.0-1.25.3...
NULL pointer dereference in HTTP/3
NULL pointer dereference in HTTP/3 Severity: medium CVE-2024-35200 Not vulnerable: 1.27.0+, 1.26.1+ Vulnerable: 1.25.0-1.25.5, 1.26.0...
NULL pointer dereference while writing client request body
NULL pointer dereference while writing client request body Severity: medium CVE-2016-4450 Not vulnerable: 1.11.1+, 1.10.1+ Vulnerable: 1.3.9-1.11.0...
Insufficient limits of CNAME resolution in resolver
Insufficient limits of CNAME resolution in resolver Severity: medium CVE-2016-0747 Not vulnerable: 1.9.10+, 1.8.1+ Vulnerable: 0.6.18-1.9.9...
NULL pointer dereference while using CRAM-MD5 or APOP
NULL pointer dereference while using CRAM-MD5 or APOP Severity: low CVE-2026-27651 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 0.5.15-1.29.6...
Buffer overflow in the ngx_http_rewrite_module
Buffer overflow in the ngxhttprewritemodule Severity: medium CVE-2026-9256 Not vulnerable: 1.31.1+, 1.30.2+ Vulnerable: 0.1.17-1.31.0...
SSL session reuse vulnerability
SSL session reuse vulnerability Severity: medium CVE-2014-3616 Not vulnerable: 1.7.5+, 1.6.2+ Vulnerable: 0.5.6-1.7.4...
Invalid pointer dereference in resolver
Invalid pointer dereference in resolver Severity: medium CVE-2016-0742 Not vulnerable: 1.9.10+, 1.8.1+ Vulnerable: 0.6.18-1.9.9...
Memory disclosure in HTTP/3
Memory disclosure in HTTP/3 Severity: medium CVE-2024-34161 Not vulnerable: 1.27.0+, 1.26.1+ Vulnerable: 1.25.0-1.25.5, 1.26.0...
Request line parsing vulnerability
Request line parsing vulnerability Severity: medium CVE-2013-4547 Not vulnerable: 1.5.7+, 1.4.4+ Vulnerable: 0.8.41-1.5.6...
STARTTLS command injection
STARTTLS command injection Severity: medium CVE-2014-3556 Not vulnerable: 1.7.4+, 1.6.1+ Vulnerable: 1.5.6-1.7.3...
Stack-based buffer overflow with specially crafted request
Stack-based buffer overflow with specially crafted request Severity: major CVE-2013-2028 Not vulnerable: 1.5.0+, 1.4.1+ Vulnerable: 1.3.9-1.4.0...
Stack overflow and use-after-free in HTTP/3
Stack overflow and use-after-free in HTTP/3 Severity: medium CVE-2024-31079 Not vulnerable: 1.27.0+, 1.26.1+ Vulnerable: 1.25.0-1.25.5, 1.26.0...
Directory traversal vulnerability
Directory traversal vulnerability Severity: minor CVE-2009-3898 Not vulnerable: 0.8.17+, 0.7.63+ Vulnerable: 0.1.0-0.8.16...
Buffer overflow in the ngx_http_mp4_module
Buffer overflow in the ngxhttpmp4module Severity: major CVE-2012-2089 Not vulnerable: 1.1.19+, 1.0.15+ Vulnerable: 1.1.3-1.1.18, 1.0.7-1.0.14...
An error log data are not sanitized
An error log data are not sanitized Severity: none CVE-2009-4487 Not vulnerable: none Vulnerable: all...
The renegotiation vulnerability in SSL protocol
The renegotiation vulnerability in SSL protocol Severity: major CVE-2009-3555 Not vulnerable: 0.8.23+, 0.7.64+ Vulnerable: 0.1.0-0.8.22...
Buffer overflow in the ngx_http_rewrite_module
Buffer overflow in the ngxhttprewritemodule Severity: medium CVE-2026-42945 Not vulnerable: 1.31.0+, 1.30.1+ Vulnerable: 0.6.27-1.30.0...
Memory disclosure with specially crafted backend responses
Memory disclosure with specially crafted backend responses Severity: major CVE-2012-1180 Not vulnerable: 1.1.17+, 1.0.14+ Vulnerable: 0.1.0-1.1.16...
Buffer overflow in resolver
Buffer overflow in resolver Severity: medium CVE-2011-4315 Not vulnerable: 1.1.8+, 1.0.10+ Vulnerable: 0.6.18-1.1.7...
Memory disclosure with specially crafted HTTP backend responses
Memory disclosure with specially crafted HTTP backend responses Severity: medium CVE-2013-2070 Not vulnerable: 1.5.0+, 1.4.1+, 1.2.9+ Vulnerable: 1.1.4-1.2.8, 1.3.9-1.4.0...
Buffer underflow vulnerability
Buffer underflow vulnerability Severity: major CVE-2009-2629 Not vulnerable: 0.8.15+, 0.7.62+, 0.6.39+, 0.5.38+ Vulnerable: 0.1.0-0.8.14...
Null pointer dereference vulnerability
Null pointer dereference vulnerability Severity: major CVE-2009-3896 Not vulnerable: 0.8.14+, 0.7.62+, 0.6.39+, 0.5.38+ Vulnerable: 0.1.0-0.8.13...
Vulnerabilities with Windows directory aliases
Vulnerabilities with Windows directory aliases Severity: medium CVE-2011-4963 Not vulnerable: 1.3.1+, 1.2.1+ Vulnerable: nginx/Windows 0.7.52-1.3.0...
Vulnerabilities with invalid UTF-8 sequence on Windows
Vulnerabilities with invalid UTF-8 sequence on Windows Severity: major CVE-2010-2266 Not vulnerable: 0.8.41+, 0.7.67+ Vulnerable: nginx/Windows 0.7.52-0.8.40...
Buffer overflow in the ngx_http_mp4_module
Buffer overflow in the ngxhttpmp4module Severity: medium CVE-2026-32647 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 1.1.19-1.29.6...
Vulnerabilities with Windows file default stream
Vulnerabilities with Windows file default stream Severity: major CVE-2010-2263 Not vulnerable: 0.8.40+, 0.7.66+ Vulnerable: nginx/Windows 0.7.52-0.8.39...
SPDY memory corruption
SPDY memory corruption Severity: major CVE-2014-0088 Not vulnerable: 1.5.11+ Vulnerable: 1.5.10...
Injection in auth_http and XCLIENT
Injection in authhttp and XCLIENT Severity: medium CVE-2026-28753 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 0.6.27-1.29.6...
Buffer overflow in the ngx_http_mp4_module
Buffer overflow in the ngxhttpmp4module Severity: medium CVE-2026-27784 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 1.1.19-1.29.6...
OCSP result bypass in stream
OCSP result bypass in stream Severity: medium CVE-2026-28755 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 1.27.2-1.29.6...