| 2019-04-03 | CVE-2018-4357 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Apple Xcode
A memory corruption issue was addressed with improved input validation. | 7.8 |
| 2019-03-21 | CVE-2019-3855 | Integer Overflow or Wraparound vulnerability in multiple products
An integer overflow flaw which could lead to an out of bounds write was discovered in libssh2 before 1.8.1 in the way packets are read from the server. | 8.8 |
| 2018-11-07 | CVE-2018-16845 | nginx before versions 1.15.6, 1.14.1 has a vulnerability in the ngx_http_mp4_module, which might allow an attacker to cause infinite loop in a worker process, cause a worker process crash, or might result in worker process memory disclosure by using a specially crafted mp4 file. | 6.1 |
| 2018-11-07 | CVE-2018-16844 | nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive CPU usage. | 7.5 |
| 2018-11-07 | CVE-2018-16843 | nginx before versions 1.15.6 and 1.14.1 has a vulnerability in the implementation of HTTP/2 that can allow for excessive memory consumption. | 7.5 |
| 2018-04-03 | CVE-2018-4164 | Unspecified vulnerability in Apple Xcode
An issue was discovered in certain Apple products. network low complexity apple critical | 9.8 |
| 2017-07-13 | CVE-2017-7529 | Nginx versions since 0.5.6 up to and including 1.13.2 are vulnerable to integer overflow vulnerability in nginx range filter module resulting into leak of potentially sensitive information triggered by specially crafted request. | 7.5 |
| 2016-02-15 | CVE-2016-0747 | Resource Exhaustion vulnerability in multiple products
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 does not properly limit CNAME resolution, which allows remote attackers to cause a denial of service (worker process resource consumption) via vectors related to arbitrary name resolution. | 5.3 |
| 2016-02-15 | CVE-2016-0746 | Use After Free vulnerability in multiple products
Use-after-free vulnerability in the resolver in nginx 0.6.18 through 1.8.0 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (worker process crash) or possibly have unspecified other impact via a crafted DNS response related to CNAME response processing. | 9.8 |
| 2016-02-15 | CVE-2016-0742 | NULL Pointer Dereference vulnerability in multiple products
The resolver in nginx before 1.8.1 and 1.9.x before 1.9.10 allows remote attackers to cause a denial of service (invalid pointer dereference and worker process crash) via a crafted UDP DNS response. | 7.5 |