6262 matches found
CVE-2022-29779
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c...
CVE-2022-29780
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array.c...
Design/Logic Flaw
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h...
Design/Logic Flaw
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_prototype_sort at src/njs_array.c...
Design/Logic Flaw
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c...
Nginx Security Vulnerability
Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx Inc. njs is one of the scripting language components that supports extended NGINX functionality. A denial of service vulnerability exists in Nginx NJS version v0.7.2, which originates from a...
Nginx Security Vulnerability
Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from the U.S. company Nginx. njs is one of the scripting language components that support extended NGINX functionality. A denial of service vulnerability exists in Nginx NJS version v0.7.2, which stems from a...
Nginx Security Vulnerability
Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx Inc. njs is one of the scripting language components that supports extended NGINX functionality. A denial of service vulnerability exists in Nginx NJS version v0.7.2, which stems from a segmentatio...
Design/Logic Flaw
BigBlueButton is an open source web conferencing system. Versions starting with 2.2 and prior to 2.3.19, 2.4.7, and 2.5.0-beta.2 are vulnerable to regular expression denial of service (ReDoS) attacks. By using a specific RegularExpression, an attacker can cause denial of service for the bbb-html5...
CVE-2022-29169 ReDoS on endpoint html5client/useragent in BigBlueButton
BigBlueButton is an open source web conferencing system. Versions starting with 2.2 and prior to 2.3.19, 2.4.7, and 2.5.0-beta.2 are vulnerable to regular expression denial of service (ReDoS) attacks. By using a specific RegularExpression, an attacker can cause denial of service for the bbb-html5...
Security Bulletin: Vulnerability in Nginx affects IBM Cloud Private and could allow a remote attacker to obtain sensitive information (177988)
Summary: There is a vulnerability in the Nginx open source component. Nginx is used by IBM Cloud Private as a reverse proxy. The vulnerability could allow a remote attacker to obtain sensitive information. This bulletin identifies the security fixes to apply to address the Nginx vulnerability 1779...
nginx R8 < R18-P1 Multiple Vulnerabilities
According to its self-reported version, the installed version of Nginx Plus is R8 built on Open Source version 1.9.9 prior to R18-P1 built on Open Source version 1.15.10. It is, therefore, affected by multiple denial of service vulnerabilities: - A denial of service vulnerability exists in the...
Nginx Plus R1 < R15-P2 / R16 < R16-P1 Multiple Vulnerabilities
According to its self-reported version, the installed version of Nginx Plus is R1 built on Open Source version 1.5.3-1 prior to R15-P2 or R16 built on Open Source version 1.15.2 prior to R16-P1. It is, therefore, affected by the following issues: - An unspecified error exists related to the...
Nginx Plus < R24 P1 1-Byte Memory Overwrite RCE
According to its self-reported version, the installed version of Nginx Plus is prior to R24 P1. It is, therefore, affected by a remote code execution vulnerability. A security issue in nginx resolver was identified, which might allow an unauthenticated remote attacker to cause 1-byte memory overwri...
Nginx Plus > R13 Data Disclosure Vulnerability
According to its self-reported version, the installed version of Nginx Plus is prior to R13 built on Open Source version 1.13.4. It is, therefore, affected by an integer overflow vulnerability in the range filter module. An unauthenticated, remote attacker can exploit this, via a specially craft...
Debian DLA-3031-1 : modsecurity-apache - LTS security update
The remote Debian 9 host has packages installed that are affected by a vulnerability as referenced in the dla-3031 advisory. - ModSecurity 3.x through 3.0.5 mishandles excessively nested JSON objects. Crafted JSON objects with nesting tens-of-thousands deep could result in the web server being...
CVE-2022-30503
Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_set_number at src/njs_value.h...