VYPR

Vendor CVEs

Nginx

All CVEs

103 total · sorted by risk
  • CVE-2013-0337Oct 27, 2013
    risk 0.00cvss epss 0.02

    The default configuration of nginx, possibly 1.3.13 and earlier, uses world-readable permissions for the (1) access.log and (2) error.log files, which allows local users to obtain sensitive information by reading the files.

  • CVE-2011-4963Jul 26, 2012
    risk 0.00cvss epss 0.06

    nginx/Windows 1.3.x before 1.3.1 and 1.2.x before 1.2.1 allows remote attackers to bypass intended access restrictions and access restricted files via (1) a trailing . (dot) or (2) certain "$index_allocation" sequences in a request.

  • CVE-2011-4315Dec 8, 2011
    risk 0.00cvss epss 0.06

    Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.

Page 3 of 3