| CVE-2021-23017 |
AVG-1987 |
Medium |
Yes |
Arbitrary code execution |
A security issue in nginx resolver was identified, which might allow an attacker to cause 1-byte memory overwrite by using a specially crafted DNS response,... |
| CVE-2021-3618 |
AVG-2103 |
Medium |
Yes |
Insufficient validation |
ALPACA is an application layer protocol content confusion attack, exploiting TLS servers implementing different protocols but using compatible certificates,... |
| CVE-2019-9516 |
AVG-1022 |
Medium |
Yes |
Denial of service |
An issue has been found in several HTTP/2 implementations, where the attacker sends a stream of headers with a 0-length header name and 0-length header... |
| CVE-2019-9513 |
AVG-1022 |
Medium |
Yes |
Denial of service |
An issue has been found in several HTTP/2 implementations, where the attacker creates multiple request streams and continually shuffles the priority of the... |
| CVE-2019-9511 |
AVG-1022 |
Medium |
Yes |
Denial of service |
An issue has been found in several HTTP/2 implementations, where the attacker requests a large amount of data from a specified resource over multiple... |
| CVE-2017-7529 |
AVG-346 |
High |
Yes |
Information disclosure |
A security issue was identified in the range filter module of nginx < 1.13.3. A specially crafted request might result in an integer overflow and incorrect... |
| CVE-2016-1247 |
AVG-139 |
High |
No |
Privilege escalation |
A symlink attack vulnerability was discovered in nginx. An attacker who could already run commands under the nginx user id could use this access to append... |