1417 matches found
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
DEBIAN-CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
ALPINE-CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
CVE-2021-23017
CVE-2021-23017 affects nginx's resolver. A security issue arises from an off-by-one in ngx_resolver_copy when DNS labels are followed by a root-domain pointer, allowing a crafted UDP response to overwrite the least significant byte of the next heap chunk metadata. This can lead to a worker proces...
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
1-byte memory overwrite in resolver
1-byte memory overwrite in resolver Severity: medium CVE-2021-23017 Not vulnerable: 1.21.0+, 1.20.1+ Vulnerable: 0.6.18-1.20.0...
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
USN-4972-1: PostgreSQL vulnerabilities
Tom Lane discovered that PostgreSQL incorrect handled certain array subscripting calculations. An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges. CVE-2021-32027 Andres Freund discovered that PostgreSQL incorrect handled certain INSERT ... O...
USN-4972-1 postgresql-10, postgresql-12, postgresql-13 vulnerabilities
Tom Lane discovered that PostgreSQL incorrect handled certain array subscripting calculations. An authenticated attacker could possibly use this issue to overwrite server memory and escalate privileges. CVE-2021-32027 Andres Freund discovered that PostgreSQL incorrect handled certain INSERT ... O...
FreeBSD : NGINX -- 1-byte memory overwrite in resolver (0882f019-bd60-11eb-9bdd-8c164567ca3c)
NGINX team reports : 1-byte memory overwrite might occur during DNS server response processing if the 'resolver' directive was used, allowing an attacker who is able to forge UDP packets from the DNS server to cause worker process crash or, potentially, arbitrary code execution. %NASLMINLEVEL 703...
nginx 0.6.18 - 1.20.0 1-byte Memory Overwrite Vulnerability
nginx is prone to a 1-byte memory overwrite vulnerability. Copyright C 2021 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; yo...
NGINX -- 1-byte memory overwrite in resolver
NGINX team reports: 1-byte memory overwrite might occur during DNS server response processing if the "resolver" directive was used, allowing an attacker who is able to forge UDP packets from the DNS server to cause worker process crash or, potentially, arbitrary code execution...
UBUNTU-CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
CVE-2021-23017
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
PT-2021-3126
Name of the Vulnerable Software and Affected Versions nginx versions 1.20.0 Description A security issue in the nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause a 1-byte memory overwrite, resulting in a worker process crash...
F5 NGINX Controller 安全漏洞
F5 NGINX Controller is a centralized monitoring and management platform for NGINX from F5. The platform supports the management of multiple NGINX instances using a visual interface. A security vulnerability exists in F5 NGINX Controller that allows an attacker to forge UDP packets from a DNS serv...
Telegram Stack Overflow Vulnerability (CNVD-2021-38308)
Telegram is an instant messaging mobile application. A stack overflow vulnerability exists in the custom derived graysplitcubic function of the Rlottie library for Telegram Android version prior to 7.1.0 2090, iOS version prior to 7.1, and macOS version prior to 7.1. An attacker can exploit this...
CVE-2021-31321
Telegram clients for Android (<7.1.0, 2090), iOS (<7.1), and macOS (