CVE Daily
← All tags

Tag: NGINX Server

All CVEs associated with "NGINX Server". Page 1/1 • 9 CVEs.

CVEs tagged with this topic. Filters apply to the whole list (loaded from JSON).

CVSS ≥ 0.0
2025-08-13
Low

CVE-2025-53859

NGINX Open Source and NGINX Plus have a vulnerability in the ngx_mail_smtp_module that might allow an unauthenticated attacker to over-read NGINX SMTP authentication process memory; as a result, the…

CVSS: 3.7 CWE: CWE-125
Read more
2025-08-06
Medium

CVE-2025-54571

ModSecurity is an open source, cross platform web application firewall (WAF) engine for Apache, IIS and Nginx. In versions 2.9.11 and below, an attacker can override the HTTP response’s Content-Type,…

CVSS: 6.9 CWE: CWE-252
Read more
2025-07-22
High

CVE-2025-6213

The Nginx Cache Purge Preload plugin for WordPress is vulnerable to Remote Code Execution in all versions up to, and including, 2.1.1 via the 'nppp_preload_cache_on_update' function. This is due to i…

CVSS: 7.2 CWE: CWE-94
Read more
2025-05-06
High

CVE-2025-46728

cpp-httplib is a C++ header-only HTTP/HTTPS server and client library. Prior to version 0.20.1, the library fails to enforce configured size limits on incoming request bodies when `Transfer-Encoding:…

CVSS: 7.5 CWE: CWE-400
Read more
2024-05-03
High

CVE-2023-39481

Softing Secure Integration Server Interpretation Conflict Remote Code Execution Vulnerability. This vulnerability allows remote attackers to execute arbitrary code on affected installations of Softin…

CVSS: 8.8 CWE: CWE-436
Read more
2024-03-14
Medium

CVE-2024-24562

vantage6-UI is the official user interface for the vantage6 server. In affected versions a number of security headers are not set. This issue has been addressed in commit `68dfa6614` which is expecte…

CVSS: 5.4 CWE: CWE-668
Read more
2023-04-04
Critical

CVE-2020-19695

Buffer Overflow found in Nginx NJS allows a remote attacker to execute arbitrary code via the njs_object_property parameter of the njs/njs_vm.c function.

CVSS: 9.8 CWE: CWE-120
Read more
Critical

CVE-2020-19692

Buffer Overflow vulnerabilty found in Nginx NJS v.0feca92 allows a remote attacker to execute arbitrary code via the njs_module_read in the njs_module.c file.

CVSS: 9.8 CWE: CWE-120
Read more
2019-02-08
Critical

CVE-2019-7401

NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service (router process cr…

CVSS: 9.8 CWE: CWE-787
Read more