from 0, < 1.20.2-r2
CRITICAL9.8CVE-2026-8711NGINX JavaScript has a vulnerability when the js_fetch_proxy directive is configured with at least one client-controlled NGINX variable (fo… from 0, < 1.30.2-r1
CRITICAL9.8njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled.
from 0, < 1.20.2-r2
CRITICAL9.8njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_p…
from 0, < 1.20.2-r2
CRITICAL9.8njs through 0.7.0, used in NGINX, was discovered to contain an out-of-bounds array access via njs_vmcode_typeof in /src/njs_vmcode.c.
from 0, < 1.20.2-r2
HIGH8.2NGINX ngx_http_dav_module vulnerability
from 0, < 1.28.3-r0
HIGH7.8NGINX ngx_http_mp4_module vulnerability
from 0, < 1.28.3-r0
HIGH7.8NGINX ngx_http_mp4_module vulnerability CVE-2022-41741
from 0, < 1.22.1-r0
HIGH7.7nginx - security update
from 0, < 1.16.1-r3
HIGH7.5Apache HTTP Server: mod_http2 denial of service
from 0, < 1.28.3-r3
HIGH7.5NGINX ngx_mail_auth_http_module vulnerability
from 0, < 1.28.3-r0
HIGH7.5njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.
from 0, < 1.20.2-r2
HIGH7.5Some HTTP/2 implementations are vulnerable to resource loops, potentially leading to a denial of service.
from 0, < 1.16.1-r0
HIGH7.5nghttp2 - security update
from 0, < 1.16.1-r0
HIGH7.5nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage.
from 0, < 1.14.1-r0
HIGH7.5nginx - security update
from 0, < 1.14.1-r0
HIGH7.5nginx - security update
from 0, < 1.12.1-r0
HIGH7.4nginx - security update
from 0, < 1.20.1-r1
HIGH7.1NGINX ngx_http_mp4_module vulnerability CVE-2022-41742
from 0, < 1.22.1-r0
MEDIUM6.5NGINX ngx_http_scgi_module and ngx_http_uwsgi_module vulnerability
from 0, < 1.28.3-r1
MEDIUM6.5NGINX ngx_quic_module vulnerability
from 0, < 1.28.3-r1
MEDIUM6.5NGINX HTTP/3 QUIC vulnerability
from 0, < 0
MEDIUM6.5Some HTTP/2 implementations are vulnerable to a header leak, potentially leading to a denial of service.
from 0, < 1.16.1-r0
MEDIUM6.1nginx - security update
from 0, < 1.14.1-r0
MEDIUM5.8NGINX ngx_http_proxy_v2_module vulnerability
from 0, < 0
MEDIUM5.5NGINX ngx_http_mp4_module vulnerability
from 0, < 1.28.3-r0
MEDIUM5.4NGINX ngx_stream_ssl_module vulnerability
from 0, < 1.28.3-r0
MEDIUM5.3NGINX HTTP/3 QUIC vulnerability
from 0, < 0
MEDIUM5.3NGINX HTTP/3 QUIC vulnerability
from 0, < 0
MEDIUM5.3NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker t…
from 0, < 1.16.1-r2
MEDIUM4.8NGINX ngx_http_charset_module vulnerability
from 0, < 1.28.3-r1
MEDIUM4.8NGINX ngx_http_ssl_module vulnerability
from 0, < 1.28.3-r1
MEDIUM4.8NGINX HTTP/3 QUIC vulnerability
from 0, < 0
MEDIUM4.7NGINX MP4 module vulnerability
from 0, < 1.26.2-r0
LOW3.7NGINX ngx_mail_proxy_module vulnerability
from 0, < 1.28.3-r0
—NGINX ngx_http_rewrite_module vulnerability
from 0, < 1.28.3-r2
—NGINX ngx_http_rewrite_module vulnerability
from 0, < 1.28.3-r1
—NGINX vulnerability
from 0, < 1.28.2-r0
—NGINX ngx_mail_smtp_module vulnerability
from 0, < 1.28.2-r0
—TLS Session Resumption Vulnerability
from 0, < 1.26.3-r0
—Rejected reason: DO NOT USE THIS CANDIDATE NUMBER.
from 0, < 0