/*====== google reCaptcha ======*/
German Chinese (Traditional) Czech Danish English Filipino French Greek Hebrew Hindi Hungarian Irish Italian Japanese Korean Norwegian Persian Polish Portuguese Russian Spanish Swedish Thai Turkish

Bewertung: 0 / 5

Star InactiveStar InactiveStar InactiveStar InactiveStar Inactive
 
  • CVE-2017-7529

    Latest security vulnerabilities Nginx products Jul 13, 2017 | 00:00 am

    Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. (CVSS:5.0) (Last Update:2018-01-04)

    Read more...
  • CVE-2016-1247

    Latest security vulnerabilities Nginx products Nov 29, 2016 | 00:00 am

    The nginx package before 1.6.2-5+deb8u3 on Debian jessie, the nginx packages before 1.4.6-1ubuntu3.6 on Ubuntu 14.04 LTS, before 1.10.0-0ubuntu0.16.04.3 on Ubuntu 16.04 LTS, and before 1.10.1-0ubuntu1.1 on Ubuntu 16.10, and the nginx ebuild before 1.10.2-r3 on Gentoo allow local users[…]

    Read more...
  • CVE-2016-4450

    Latest security vulnerabilities Nginx products Jun 7, 2016 | 00:00 am

    os/unix/ngx_files.c in nginx before 1.10.1 and 1.11.x before 1.11.1 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a crafted request, involving writing a client request body to a temporary file. (CVSS:5.0)[…]

    Read more...
  • CVE-2016-0742

    Latest security vulnerabilities Nginx products Feb 15, 2016 | 00:00 am

    The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. (CVSS:5.0) (Last Update:2018-01-04)

    Read more...
  • CVE-2014-3556

    Latest security vulnerabilities Nginx products Dec 29, 2014 | 00:00 am

    The STARTTLS implementation in mail/ngx_mail_smtp_handler.c in the SMTP proxy in nginx 1.5.x and 1.6.x before 1.6.1 and 1.7.x before 1.7.4 does not properly restrict I/O buffering, which allows man-in-the-middle attackers to insert commands into encrypted SMTP sessions by sending a[…]

    Read more...
  • CVE-2014-3616

    Latest security vulnerabilities Nginx products Dec 8, 2014 | 00:00 am

    nginx 0.5.6 through 1.7.4, when using the same shared ssl_session_cache or ssl_session_ticket_key for multiple servers, can reuse a cached SSL session for an unrelated context, which allows remote attackers with certain privileges to conduct "virtual host confusion" attacks. (CVSS:4.3) (Last[…]

    Read more...
  • CVE-2011-4315

    Latest security vulnerabilities Nginx products Dec 8, 2011 | 00:00 am

    Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response. (CVSS:5.0) (Last Update:2017-01-31)

    Read more...
  • CVE-2010-2263

    Latest security vulnerabilities Nginx products Jun 15, 2010 | 00:00 am

    nginx 0.8 before 0.8.40 and 0.7 before 0.7.66, when running on Windows, allows remote attackers to obtain source code or unparsed content of arbitrary files under the web document root by appending ::$DATA to the URI. (CVSS:5.0) (Last Update:2010-06-18)

    Read more...
  • CVE-2009-3896

    Latest security vulnerabilities Nginx products Nov 24, 2009 | 00:00 am

    src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker process crash) via a[…]

    Read more...
  • CVE-2009-2629

    Latest security vulnerabilities Nginx products Sep 15, 2009 | 00:00 am

    Buffer underflow in src/http/ngx_http_parse.c in nginx 0.1.0 through 0.5.37, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.15 allows remote attackers to execute arbitrary code via crafted HTTP requests. (CVSS:7.5) (Last Update:2009-12-19)

    Read more...

Beitrag teilen

Submit to DeliciousSubmit to DiggSubmit to FacebookSubmit to Google PlusSubmit to StumbleuponSubmit to TechnoratiSubmit to TwitterSubmit to LinkedIn

Webserver Literatur

Empfehlung

Go to top