Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

6266 matches found

OSV
OSVadded 2022/10/28 9:15 p.m.5 views

CVE-2022-43285

Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njspromisereactionjob. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input...

7.5CVSS7.2AI score
Exploits0References1
Prion
Prionadded 2022/10/28 9:15 p.m.22 views

Input validation

DISPUTED Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njsscopevalidvalue at njsscope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input...

5CVSS7.6AI score0.00797EPSS
Exploits1References2Affected Software1
Prion
Prionadded 2022/10/28 9:15 p.m.25 views

Heap overflow

Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njsjsonparseiteratorcall at njsjson.c...

7.5CVSS9.4AI score0.00898EPSS
Exploits1References2Affected Software1
Prion
Prionadded 2022/10/28 9:15 p.m.14 views

Input validation

DISPUTED Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njspromisereactionjob. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input...

5CVSS7.5AI score0.0074EPSS
Exploits1References1Affected Software1
ATTACKERKB
ATTACKERKBadded 2022/10/28 9:15 p.m.2 views

CVE-2022-43284

Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njsscopevalidvalue at njsscope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input...

7.5CVSS5.8AI score0.00797EPSS
Exploits1References3
Fedora
Fedoraadded 2022/10/28 11:46 a.m.49 views

[SECURITY] Fedora 35 Update: nginx-1.22.1-1.fc35

Nginx is a web server and a reverse proxy server for HTTP, SMTP, POP3 and IMAP protocols, with a strong focus on high concurrency, performance and low memory usage...

7.8CVSS2.2AI score0.01069EPSS
Exploits2
OSV
OSVadded 2022/10/28 11:4 a.m.4 views

OESA-2022-2023 nginx security update

NGINX is a free, open-source, high-performance HTTP server and reverse proxy,as well as an IMAP/POP3 proxy server. Security Fixes: NGINX Open Source before versions 1.23.2 and 1.22.1, NGINX Open Source Subscription before versions R2 P1 and R1 P1, and NGINX Plus before versions R27 P1 and R26 P1...

7.8CVSS6.6AI score0.01069EPSS
Exploits2References3
OSV
OSVadded 2022/10/28 6:54 a.m.13 views

MGASA-2022-0398 Updated nginx packages fix security vulnerability

Two security issues were identified in the ngxhttpmp4module, which might allow an attacker to cause a worker process crash or worker process memory disclosure by using a specially crafted mp4 file, or might have potential other impact. CVE-2022-41741, CVE-2022-41742...

7.8CVSS7.2AI score0.01069EPSS
Exploits2References3
Mageia
Mageiaadded 2022/10/28 6:54 a.m.55 views

Updated nginx packages fix security vulnerability

Two security issues were identified in the ngxhttpmp4module, which might allow an attacker to cause a worker process crash or worker process memory disclosure by using a specially crafted mp4 file, or might have potential other impact. CVE-2022-41741, CVE-2022-41742...

7.8CVSS3AI score0.01069EPSS
Exploits2References2
Positive Technologies
Positive Technologiesadded 2022/10/28 12:0 a.m.4 views

PT-2022-5323 · Nginx · Nginx Njs

Name of the Vulnerable Software and Affected Versions: Nginx NJS version 0.7.4 Description: The issue is related to a buffer overflow in the njs promise reaction job function of the njs interpreter in the nginx server. This could allow a remote attacker to cause a denial of service. The vendor...

7.8CVSS7.7AI score0.0074EPSS
Exploits1References9
Positive Technologies
Positive Technologiesadded 2022/10/28 12:0 a.m.5 views

PT-2022-5322 · Nginx · Nginx Njs

Name of the Vulnerable Software and Affected Versions: Nginx NJS version 0.7.2 Description: The issue is related to a heap-use-after-free bug caused by an illegal memory copy in the njs json parse iterator call function at njs json.c. This bug can be exploited by a remote attacker to execute...

10CVSS9.4AI score0.00898EPSS
Exploits1References6
Cvelist
Cvelistadded 2022/10/28 12:0 a.m.28 views

CVE-2022-43286

Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njsjsonparseiteratorcall at njsjson.c...

9.7AI score0.00898EPSS
Exploits1References2
CVE
CVEadded 2022/10/28 12:0 a.m.90 views

CVE-2022-43284

Nginx NJS versions 0.7.2–0.7.4 have a segmentation violation in njs_scope_valid_value (njs_scope.h). Redundant vendor dispute notes that NJS does not operate on untrusted input. Potential impact is unspecified in detail in the sources, but PT-2022-5321 mentions a possible denial of service via th...

7.5CVSS7.5AI score0.00797EPSS
Exploits1References2Affected Software1
CNNVD
CNNVDadded 2022/10/28 12:0 a.m.5 views

NGINX JavaScript 安全漏洞

NGINX JavaScript is an extension to the NGINX open source. A security vulnerability exists in NGINX JavaScript version 0.7.4, which stems from a segmentation violation in the njspromisereactionjob function...

7.5CVSS7.3AI score0.0074EPSS
Exploits1References2
Cvelist
Cvelistadded 2022/10/28 12:0 a.m.24 views

CVE-2022-43285

Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njspromisereactionjob. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input...

7.7AI score0.0074EPSS
Exploits1References1
Cvelist
Cvelistadded 2022/10/28 12:0 a.m.21 views

CVE-2022-43284

Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njsscopevalidvalue at njsscope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input...

7.8AI score0.00797EPSS
Exploits1References2
Vulnrichment
Vulnrichmentadded 2022/10/28 12:0 a.m.6 views

CVE-2022-43285

Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njspromisereactionjob. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input...

7.6AI score0.0074EPSS
Exploits1References1
Positive Technologies
Positive Technologiesadded 2022/10/28 12:0 a.m.3 views

PT-2022-5321 · Nginx · Nginx Njs

Name of the Vulnerable Software and Affected Versions: Nginx NJS versions 0.7.2 through 0.7.4 Description: The issue is related to a segmentation violation via the njs scope valid value function at njs scope.h. This could potentially allow a remote attacker to cause a denial of service. The vendo...

7.8CVSS7.2AI score0.00797EPSS
Exploits1References8
Vulnrichment
Vulnrichmentadded 2022/10/28 12:0 a.m.6 views

CVE-2022-43286

Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njsjsonparseiteratorcall at njsjson.c...

9.5AI score0.00898EPSS
Exploits1References2
CNNVD
CNNVDadded 2022/10/28 12:0 a.m.3 views

Nginx 资源管理错误漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx, Inc. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in Nginx NJS version 0.7.2, which stems from heap-based...

9.8CVSS8.1AI score0.00898EPSS
Exploits1References3
Rows per page
Query Builder