6262 matches found
CVE-2022-31081
HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...
CVE-2022-31081
CVE-2022-31081 affects the Perl HTTP::Daemon library. Versions prior to 6.15 are vulnerable due to improper handling of the Content-Length header, which could enable HTTP request smuggling and potentially allow privileged access to APIs or poisoning of intermediate caches. The issue is documented...
CVE-2022-31081 Inconsistent Interpretation of HTTP Requests ('HTTP Request Smuggling') in HTTP::Daemon
HTTP::Daemon is a simple http server class written in perl. Versions prior to 6.15 are subject to a vulnerability which could potentially be exploited to gain privileged access to APIs or poison intermediate caches. It is uncertain how large the risks are, most Perl based applications are served ...
Critical PHP Vulnerability Exposes QNAP NAS Devices to Remote Attacks
QNAP, Taiwanese maker of network-attached storage NAS devices, on Wednesday said it's in the process of fixing a critical three-year-old PHP vulnerability that could be abused to achieve remote code execution. "A vulnerability has been reported to affect PHP versions 7.1.x below 7.1.33, 7.2.x bel...
QNAP QuTScloud RCE Vulnerability (QSA-22-20)
QNAP QuTScloud is prone to a remote code execution RCE vulnerability. SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
BSA-2022-1516
Security Advisory ID : BSA-2022-1516 Component : NGNIX Revision : 1.0 A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact...
CVE-2022-32414
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsvmcodeinterpreter at src/njsvmcode.c...
CVE-2022-31307
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsstringoffset at src/njsstring.c...
CVE-2022-31306
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsarrayconverttoslowarray at src/njsarray.c...
CVE-2022-32414
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsvmcodeinterpreter at src/njsvmcode.c...
CVE-2022-31306
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsarrayconverttoslowarray at src/njsarray.c...
CVE-2022-31307
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsstringoffset at src/njsstring.c...
CVE-2022-31306
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsarrayconverttoslowarray at src/njsarray.c...
CVE-2022-32414
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsvmcodeinterpreter at src/njsvmcode.c...
CVE-2022-31307
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsstringoffset at src/njsstring.c...
Design/Logic Flaw
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsarrayconverttoslowarray at src/njsarray.c...
Design/Logic Flaw
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsvmcodeinterpreter at src/njsvmcode.c...
Code injection
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsstringoffset at src/njsstring.c...
CVE-2022-32414
CVE-2022-32414 concerns Nginx NJS v0.7.2, where a segmentation fault occurs in the njs_vmcode_interpreter function (src/njs_vmcode.c). Technical details across connected sources confirm the affected component (NJS in Nginx) and the root cause is a segmentation violation within the VM code interpr...
CVE-2022-32414
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsvmcodeinterpreter at src/njsvmcode.c...