Vendor coverage

nazgul vulnerabilities

Track published CVEs, severity trends, and remediation context for nazgul products.

RSS

Total vulnerabilities

Critical issues

Average CVSS score

8.7

Search results

Filtered vulnerability results

Showing 1-4 of 4 vulnerabilities.

Sort current page

CVE-2022-48253CriticalCVSS9.8Published Jan 11, 2023

nhttpd in Nostromo before 2.1 is vulnerable to a path traversal that may allow an attacker to execute arbitrary commands on the remote server. The vulnerability occurs when the homedirs option is used.

Affected vendor

nazgul

Affected product

nostromo

Coverage

Single affected product entry

CVSS

9.8

CRITICAL

Published

Jan 11, 2023

CVE-2019-16279HighCVSS7.5Published Oct 14, 2019

A memory error in the function SSL_accept in nostromo nhttpd through 1.9.6 allows an attacker to trigger a denial of service via a crafted HTTP request.

Affected vendor

nazgul

Affected product

nostromo nhttpd

Coverage

Single affected product entry

CVSS

7.5

HIGH

Published

Oct 14, 2019

CVE-2019-16278CriticalCVSS9.8Published Oct 14, 2019

Directory Traversal in the function http_verify in nostromo nhttpd through 1.9.6 allows an attacker to achieve remote code execution via a crafted HTTP request.

Affected vendor

nazgul

Affected product

nostromo nhttpd

Coverage

Single affected product entry

CVSS

9.8

CRITICAL

Published

Oct 14, 2019

CVE-2011-0751UnknownCVSS7.5Published Mar 16, 2011

Directory traversal vulnerability in nhttpd (aka Nostromo webserver) before 1.9.4 allows remote attackers to execute arbitrary programs or read arbitrary files via a ..%2f (encoded dot dot slash) in a URI.

Affected vendor

nazgul

Affected product

nostromo

Coverage

41 affected product entries

CVSS

7.5

UNKNOWN

Published

Mar 16, 2011