59 matches found
Use-after-free in HTTP/3
Use-after-free in HTTP/3 Severity: major CVE-2026-42530 Not vulnerable: 1.31.2+ Vulnerable: 1.31.0-1.31.1...
Buffer overread in the ngx_http_charset_module
Buffer overread in the ngxhttpcharsetmodule Severity: low CVE-2026-48142 Not vulnerable: 1.31.2+, 1.30.3+ Vulnerable: 0.3.50-1.31.1...
Buffer overflow in the ngx_http_proxy_v2_module and ngx_http_grpc_module
Buffer overflow in the ngxhttpproxyv2module and ngxhttpgrpcmodule Severity: medium CVE-2026-42055 Not vulnerable: 1.31.2+, 1.30.3+ Vulnerable: 1.13.10-1.31.1...
Buffer overflow in the ngx_http_rewrite_module
Buffer overflow in the ngxhttprewritemodule Severity: medium CVE-2026-9256 Not vulnerable: 1.31.1+, 1.30.2+ Vulnerable: 0.1.17-1.31.0...
HTTP/2 request injection in the ngx_http_proxy_module
HTTP/2 request injection in the ngxhttpproxymodule Severity: medium CVE-2026-42926 Not vulnerable: 1.31.0+, 1.30.1+ Vulnerable: 1.29.4-1.30.0...
HTTP/3 address spoofing
HTTP/3 address spoofing Severity: medium CVE-2026-40460 Not vulnerable: 1.31.0+, 1.30.1+ Vulnerable: 1.25.0-1.30.0...
Buffer overread in the ngx_http_charset_module
Buffer overread in the ngxhttpcharsetmodule Severity: low CVE-2026-42934 Not vulnerable: 1.31.0+, 1.30.1+ Vulnerable: 0.3.50-1.30.0...
Buffer overread in the ngx_http_scgi_module and ngx_http_uwsgi_module
Buffer overread in the ngxhttpscgimodule and ngxhttpuwsgimodule Severity: medium CVE-2026-42946 Not vulnerable: 1.31.0+, 1.30.1+ Vulnerable: 0.8.42-1.30.0...
Buffer overflow in the ngx_http_rewrite_module
Buffer overflow in the ngxhttprewritemodule Severity: medium CVE-2026-42945 Not vulnerable: 1.31.0+, 1.30.1+ Vulnerable: 0.6.27-1.30.0...
resolver use-after-free in OCSP
resolver use-after-free in OCSP Severity: medium CVE-2026-40701 Not vulnerable: 1.31.0+, 1.30.1+ Vulnerable: 1.19.0-1.30.0...
NULL pointer dereference while using CRAM-MD5 or APOP
NULL pointer dereference while using CRAM-MD5 or APOP Severity: low CVE-2026-27651 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 0.5.15-1.29.6...
Buffer overflow in ngx_http_dav_module
Buffer overflow in ngxhttpdavmodule Severity: medium CVE-2026-27654 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 0.5.13-1.29.6...
OCSP result bypass in stream
OCSP result bypass in stream Severity: medium CVE-2026-28755 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 1.27.2-1.29.6...
Injection in auth_http and XCLIENT
Injection in authhttp and XCLIENT Severity: medium CVE-2026-28753 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 0.6.27-1.29.6...
Buffer overflow in the ngx_http_mp4_module
Buffer overflow in the ngxhttpmp4module Severity: medium CVE-2026-27784 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 1.1.19-1.29.6...
Buffer overflow in the ngx_http_mp4_module
Buffer overflow in the ngxhttpmp4module Severity: medium CVE-2026-32647 Not vulnerable: 1.29.7+, 1.28.3+ Vulnerable: 1.1.19-1.29.6...
SSL upstream injection
SSL upstream injection Severity: medium CVE-2026-1642 Not vulnerable: 1.29.5+, 1.28.2+ Vulnerable: 1.3.0-1.29.4...
Buffer overread in the ngx_mail_smtp_module
Buffer overread in the ngxmailsmtpmodule Severity: low CVE-2025-53859 Not vulnerable: 1.29.1+ Vulnerable: 0.7.22-1.29.0...
SSL session reuse vulnerability
SSL session reuse vulnerability Severity: medium CVE-2025-23419 Not vulnerable: 1.27.4+, 1.26.3+ Vulnerable: 1.11.4-1.27.3...
Buffer overread in the ngx_http_mp4_module
Buffer overread in the ngxhttpmp4module Severity: low CVE-2024-7347 Not vulnerable: 1.27.1+, 1.26.2+ Vulnerable: 1.5.13-1.27.0...
NULL pointer dereference in HTTP/3
NULL pointer dereference in HTTP/3 Severity: medium CVE-2024-35200 Not vulnerable: 1.27.0+, 1.26.1+ Vulnerable: 1.25.0-1.25.5, 1.26.0...
Memory disclosure in HTTP/3
Memory disclosure in HTTP/3 Severity: medium CVE-2024-34161 Not vulnerable: 1.27.0+, 1.26.1+ Vulnerable: 1.25.0-1.25.5, 1.26.0...
Buffer overwrite in HTTP/3
Buffer overwrite in HTTP/3 Severity: medium CVE-2024-32760 Not vulnerable: 1.27.0+, 1.26.1+ Vulnerable: 1.25.0-1.25.5, 1.26.0...
Stack overflow and use-after-free in HTTP/3
Stack overflow and use-after-free in HTTP/3 Severity: medium CVE-2024-31079 Not vulnerable: 1.27.0+, 1.26.1+ Vulnerable: 1.25.0-1.25.5, 1.26.0...
Use-after-free in HTTP/3
Use-after-free in HTTP/3 Severity: major CVE-2024-24990 Not vulnerable: 1.25.4+ Vulnerable: 1.25.0-1.25.3...
NULL pointer dereference in HTTP/3
NULL pointer dereference in HTTP/3 Severity: major CVE-2024-24989 Not vulnerable: 1.25.4+ Vulnerable: 1.25.3...
Memory disclosure in the ngx_http_mp4_module
Memory disclosure in the ngxhttpmp4module Severity: medium CVE-2022-41742 Not vulnerable: 1.23.2+, 1.22.1+ Vulnerable: 1.1.3-1.23.1, 1.0.7-1.0.15...
Memory corruption in the ngx_http_mp4_module
Memory corruption in the ngxhttpmp4module Severity: medium CVE-2022-41741 Not vulnerable: 1.23.2+, 1.22.1+ Vulnerable: 1.1.3-1.23.1, 1.0.7-1.0.15...
1-byte memory overwrite in resolver
1-byte memory overwrite in resolver Severity: medium CVE-2021-23017 Not vulnerable: 1.21.0+, 1.20.1+ Vulnerable: 0.6.18-1.20.0...
Excessive memory usage in HTTP/2 with zero length headers
Excessive memory usage in HTTP/2 with zero length headers Severity: low CVE-2019-9516 Not vulnerable: 1.17.3+, 1.16.1+ Vulnerable: 1.9.5-1.17.2...
Excessive CPU usage in HTTP/2 with priority changes
Excessive CPU usage in HTTP/2 with priority changes Severity: low CVE-2019-9513 Not vulnerable: 1.17.3+, 1.16.1+ Vulnerable: 1.9.5-1.17.2...
Excessive CPU usage in HTTP/2 with small window updates
Excessive CPU usage in HTTP/2 with small window updates Severity: medium CVE-2019-9511 Not vulnerable: 1.17.3+, 1.16.1+ Vulnerable: 1.9.5-1.17.2...
Excessive CPU usage in HTTP/2
Excessive CPU usage in HTTP/2 Severity: low CVE-2018-16844 Not vulnerable: 1.15.6+, 1.14.1+ Vulnerable: 1.9.5-1.15.5...
Excessive memory usage in HTTP/2
Excessive memory usage in HTTP/2 Severity: low CVE-2018-16843 Not vulnerable: 1.15.6+, 1.14.1+ Vulnerable: 1.9.5-1.15.5...
Memory disclosure in the ngx_http_mp4_module
Memory disclosure in the ngxhttpmp4module Severity: medium CVE-2018-16845 Not vulnerable: 1.15.6+, 1.14.1+ Vulnerable: 1.1.3-1.15.5, 1.0.7-1.0.15...
Integer overflow in the range filter
Integer overflow in the range filter Severity: medium CVE-2017-7529 Not vulnerable: 1.13.3+, 1.12.1+ Vulnerable: 0.5.6-1.13.2...
NULL pointer dereference while writing client request body
NULL pointer dereference while writing client request body Severity: medium CVE-2016-4450 Not vulnerable: 1.11.1+, 1.10.1+ Vulnerable: 1.3.9-1.11.0...
Use-after-free during CNAME response processing in resolver
Use-after-free during CNAME response processing in resolver Severity: medium CVE-2016-0746 Not vulnerable: 1.9.10+, 1.8.1+ Vulnerable: 0.6.18-1.9.9...
Invalid pointer dereference in resolver
Invalid pointer dereference in resolver Severity: medium CVE-2016-0742 Not vulnerable: 1.9.10+, 1.8.1+ Vulnerable: 0.6.18-1.9.9...
Insufficient limits of CNAME resolution in resolver
Insufficient limits of CNAME resolution in resolver Severity: medium CVE-2016-0747 Not vulnerable: 1.9.10+, 1.8.1+ Vulnerable: 0.6.18-1.9.9...
STARTTLS command injection
STARTTLS command injection Severity: medium CVE-2014-3556 Not vulnerable: 1.7.4+, 1.6.1+ Vulnerable: 1.5.6-1.7.3...
SSL session reuse vulnerability
SSL session reuse vulnerability Severity: medium CVE-2014-3616 Not vulnerable: 1.7.5+, 1.6.2+ Vulnerable: 0.5.6-1.7.4...
SPDY memory corruption
SPDY memory corruption Severity: major CVE-2014-0088 Not vulnerable: 1.5.11+ Vulnerable: 1.5.10...
SPDY heap buffer overflow
SPDY heap buffer overflow Severity: major CVE-2014-0133 Not vulnerable: 1.5.12+, 1.4.7+ Vulnerable: 1.3.15-1.5.11...
Request line parsing vulnerability
Request line parsing vulnerability Severity: medium CVE-2013-4547 Not vulnerable: 1.5.7+, 1.4.4+ Vulnerable: 0.8.41-1.5.6...
Memory disclosure with specially crafted HTTP backend responses
Memory disclosure with specially crafted HTTP backend responses Severity: medium CVE-2013-2070 Not vulnerable: 1.5.0+, 1.4.1+, 1.2.9+ Vulnerable: 1.1.4-1.2.8, 1.3.9-1.4.0...
Stack-based buffer overflow with specially crafted request
Stack-based buffer overflow with specially crafted request Severity: major CVE-2013-2028 Not vulnerable: 1.5.0+, 1.4.1+ Vulnerable: 1.3.9-1.4.0...
Vulnerabilities with Windows directory aliases
Vulnerabilities with Windows directory aliases Severity: medium CVE-2011-4963 Not vulnerable: 1.3.1+, 1.2.1+ Vulnerable: nginx/Windows 0.7.52-1.3.0...
Buffer overflow in the ngx_http_mp4_module
Buffer overflow in the ngxhttpmp4module Severity: major CVE-2012-2089 Not vulnerable: 1.1.19+, 1.0.15+ Vulnerable: 1.1.3-1.1.18, 1.0.7-1.0.14...
Memory disclosure with specially crafted backend responses
Memory disclosure with specially crafted backend responses Severity: major CVE-2012-1180 Not vulnerable: 1.1.17+, 1.0.14+ Vulnerable: 0.1.0-1.1.16...