CVSS: 5.3EPSS: 27%CPEs: 10EXPL: 0CVE-2016-0747 – nginx: Insufficient limits of CNAME resolution in resolver
https://notcve.org/view.php?id=CVE-2016-0747
10 Feb 2016 — The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. El traductor de direcciones en nginx en versiones anteriores a 1.8.1 y 1.9.x en versiones anteriores a 1.9.10 no limita correctamente la resolución CNAME, lo que permite a atacantes remotos provocar una denegación de servicio (consumo de recursos por el proceso tr... • http://lists.opensuse.org/opensuse-updates/2016-02/msg00042.html • CWE-400: Uncontrolled Resource Consumption •
CVSS: 8.1EPSS: 31%CPEs: 2EXPL: 0CVE-2014-3556 – HP Security Bulletin HPSBOV03227
https://notcve.org/view.php?id=CVE-2014-3556
29 Dec 2014 — The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a cleartext command that is processed after TLS is in place, related to a "plaintext command injection" attack, a similar issue to CVE-2011-0411. La implementación STARTTLS en mail/ngx_mail_smtp_handler.c en el proxy SMTP en nginx ... • http://mailman.nginx.org/pipermail/nginx-announce/2014/000144.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVSS: 7.5EPSS: 0%CPEs: 4EXPL: 0CVE-2014-3616 – Ubuntu Security Notice USN-2351-1
https://notcve.org/view.php?id=CVE-2014-3616
22 Sep 2014 — nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key for multiple servers, can reuse a cached SSL session for an unrelated context, which allows remote attackers with certain privileges to conduct "virtual host confusion" attacks. nginx 0.5.6 hasta 1.7.4, cuando utiliza el mismo ssl_session_cache o ssl_session_ticket_key compartido para múltiples servidores, puede reutilizar una sesión SSL en caché para un contexto no relacionado, lo que permite a atacantes remot... • http://mailman.nginx.org/pipermail/nginx-announce/2014/000147.html • CWE-613: Insufficient Session Expiration •
CVSS: 9.8EPSS: 2%CPEs: 1EXPL: 0CVE-2014-0088
https://notcve.org/view.php?id=CVE-2014-0088
29 Apr 2014 — The SPDY implementation in the ngx_http_spdy_module module in nginx 1.5.10 before 1.5.11, when running on a 32-bit platform, allows remote attackers to execute arbitrary code via a crafted request. La implementación SPDY en el módulo ngx_http_spdy_module en nginx 1.5.10 anterior a 1.5.11, cuando se ejecuta en una plataforma de 32-bits, permite a atacantes remotos ejecutar código arbitrario a través de una solicitud manipulada. • http://mailman.nginx.org/pipermail/nginx-announce/2014/000132.html • CWE-119: Improper Restriction of Operations within the Bounds of a Memory Buffer •
CVSS: 9.8EPSS: 10%CPEs: 4EXPL: 0CVE-2014-0133 – Gentoo Linux Security Advisory 201406-20
https://notcve.org/view.php?id=CVE-2014-0133
28 Mar 2014 — Heap-based buffer overflow in the SPDY implementation in nginx 1.3.15 before 1.4.7 and 1.5.x before 1.5.12 allows remote attackers to execute arbitrary code via a crafted request. Desbordamiento de buffer basado en memoria dinámica en la implementación SPDY en nginx 1.3.15 anterior a 1.4.7 y 1.5.x anterior a 1.5.12 permite a atacantes remotos ejecutar código arbitrario a través de una solicitud manipulado. A bug in the experimental SPDY implementation in nginx was found, which might allow an attacker to cau... • http://lists.opensuse.org/opensuse-updates/2014-03/msg00095.html • CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 93%CPEs: 9EXPL: 2CVE-2013-4547 – Nginx 1.1.17 - URI Processing SecURIty Bypass
https://notcve.org/view.php?id=CVE-2013-4547
22 Nov 2013 — nginx 0.8.41 through 1.4.3 and 1.5.x before 1.5.7 allows remote attackers to bypass intended restrictions via an unescaped space character in a URI. nginx 0.8.41 hasta la versión 1.4.3 y 1.5.x anterior a la versión 1.5.7 permite a atacantes remotos evadir restricciones intencionadas a través de un carácter de espacio sin escape en una URI. Ivan Fratric of the Google Security Team discovered a bug in nginx, which might allow an attacker to bypass security restrictions in certain configurations by using a spe... • https://www.exploit-db.com/exploits/38846 • CWE-116: Improper Encoding or Escaping of Output •
CVSS: 7.5EPSS: 0%CPEs: 51EXPL: 0CVE-2013-0337 – Gentoo Linux Security Advisory 201310-04
https://notcve.org/view.php?id=CVE-2013-0337
07 Oct 2013 — The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files. La configuración predeterminada de nginx, posiblemente versión 1.3.13 y anteriores, utiliza permisos de lectura global para los archivos (1) access.log y (2) error.log, que permite a usuarios locales obtener información sensible mediante la lectura de los archivos. Multiple vulnerabiliti... • http://secunia.com/advisories/55181 • CWE-264: Permissions, Privileges, and Access Controls •
CVSS: 7.5EPSS: 8%CPEs: 4EXPL: 0CVE-2013-2070 – Gentoo Linux Security Advisory 201310-04
https://notcve.org/view.php?id=CVE-2013-2070
08 Jul 2013 — http/modules/ngx_http_proxy_module.c in nginx 1.1.4 through 1.2.8 and 1.3.0 through 1.4.0, when proxy_pass is used with untrusted HTTP servers, allows remote attackers to cause a denial of service (crash) and obtain sensitive information from worker process memory via a crafted proxy response, a similar vulnerability to CVE-2013-2028. http/modules/ngx_http_proxy_module.c en nginx v1.1.4 hasta v1.2.8 y v1.3.0 hasta v1.4.0, cuando proxy_pass es utilizado con servidores HTTP de no confianza, permite a atacante... • http://lists.fedoraproject.org/pipermail/package-announce/2013-May/105950.html •
CVSS: 9.8EPSS: 92%CPEs: 2EXPL: 15CVE-2013-2028 – Nginx 1.3.9 < 1.4.0 - Denial of Service (PoC)
https://notcve.org/view.php?id=CVE-2013-2028
23 May 2013 — The ngx_http_parse_chunked function in http/ngx_http_parse.c in nginx 1.3.9 through 1.4.0 allows remote attackers to cause a denial of service (crash) and execute arbitrary code via a chunked Transfer-Encoding request with a large chunk size, which triggers an integer signedness error and a stack-based buffer overflow. La función ngx_http_parse_chunked en http/ngx_http_parse.c en nginx v1.3.9 hasta v1.4.0 permite a atacantes remotos causar una denegación de servicio (caída) y ejecutar código arbitrario medi... • https://packetstorm.news/files/id/125758 • CWE-787: Out-of-bounds Write •
CVSS: 9.1EPSS: 0%CPEs: 3EXPL: 0CVE-2011-4963
https://notcve.org/view.php?id=CVE-2011-4963
26 Jul 2012 — nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request. nginx/Windows v1.3.x antes de v1.3.1 y v1.2.x antes de v1.2.1 permite a atacantes remotos eludir restricciones de acceso y acceder a archivos restringidos a través de (1) un . (punto) final o (2) una serie de secuencias "$index_allocation" en una solicitud. • http://english.securitylab.ru/lab/PT-2012-06 •