| Max CVSS | 6.8 | Min CVSS | 4.9 | Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published | |
| CVE-2009-3555 | 5.8 |
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and earlier, OpenSSL before 0.9.8l, GnuTLS 2.8.5 and earlier, Mozilla Network Secu
|
13-02-2023 - 02:20 | 09-11-2009 - 17:30 | |
| CVE-2012-1180 | 5.0 |
Use-after-free vulnerability in nginx before 1.0.14 and 1.1.x before 1.1.17 allows remote HTTP servers to obtain sensitive information from process memory via a crafted backend response, in conjunction with a client request.
|
10-11-2021 - 15:57 | 17-04-2012 - 21:55 | |
| CVE-2011-4315 | 6.8 |
Heap-based buffer overflow in compression-pointer processing in core/ngx_resolver.c in nginx before 1.0.10 allows remote resolvers to cause a denial of service (daemon crash) or possibly have unspecified other impact via a long response.
|
10-11-2021 - 15:54 | 08-12-2011 - 20:55 | |
| CVE-2009-3898 | 4.9 |
Directory traversal vulnerability in src/http/modules/ngx_http_dav_module.c in nginx (aka Engine X) before 0.7.63, and 0.8.x before 0.8.17, allows remote authenticated users to create or overwrite arbitrary files via a .. (dot dot) in the Destination
|
10-11-2021 - 15:52 | 24-11-2009 - 17:30 | |
| CVE-2009-3896 | 5.0 |
src/http/ngx_http_parse.c in nginx (aka Engine X) 0.1.0 through 0.4.14, 0.5.x before 0.5.38, 0.6.x before 0.6.39, 0.7.x before 0.7.62, and 0.8.x before 0.8.14 allows remote attackers to cause a denial of service (NULL pointer dereference and worker p
|
10-11-2021 - 15:52 | 24-11-2009 - 17:30 |