10 matches found
EUVD-2019-4620
Malware in sbrugna...
CVE-2019-12207
njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxtutf8decode in nxt/nxtutf8.c...
NGINX NJS Heap-Based Buffer Overflow (CVE-2019-12207)
A heap-based buffer overflow vulnerability exists in NGINX NJS. Successful exploitation of this vulnerability could allow a remote attacker to damage users system...
Security Bulletin: Security Vulnerabilities affect IBM Cloud Private for Data V2.1.0 NGINX (CVE-2019-12206, CVE-2019-12207, CVE-2019-12208, CVE-2019-20372), Docker (CVE-2019-17149, CVE-2019-17150), Kubernetes (CVE-2019-11245, CVE-2019-11253, CVE-2019-1022
Summary Security Bulletin: Security Vulnerabilities affect IBM Cloud Private for Data V2.1.0 NGINX CVE-2019-12206, CVE-2019-12207, CVE-2019-12208, CVE-2019-20372, Docker CVE-2019-17149, CVE-2019-17150, Kubernetes CVE-2019-11245, CVE-2019-11253, CVE-2019-10223, CVE-2019-17110 Vulnerability Details...
Security Bulletin: Aspera Web Shares application is affected by NGINX Vulnerabilities (CVE-2019-12208, CVE-2019-12207)
Summary IBM Aspera Shares has addressed the following NGINX vulnerabilities. Vulnerability Details CVEID: CVE-2019-12208 DESCRIPTION: NGINX njs is vulnerable to a heap-based buffer overflow, caused by improper bounds checking by the njsfunctionnativecall function in njs/njsfunction.c. By sending...
CVE-2019-13067
CVE-2019-13067 affects njs up to 0.3.3, used in NGINX. It is a buffer over-read in nxt_utf8_decode (nxt/nxt_utf8.c) occurring after the CVE-2019-12207 fix. CVSS: 2.0/3.0 vectors indicate HIGH/CRITICAL impact. Connected documents confirm the same root cause and describe remediation steps for IBM C...
CVE-2019-12207
creationtimestamp| type| source ---|---|--- 2019-05-20 14:51:18+00:00| seen| https://t.me/cvemitreorg/80...
CVE-2019-12207
njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxtutf8decode in nxt/nxtutf8.c...
CVE-2019-12207
CVE-2019-12207 affects njs (through 0.3.1) used with NGINX, caused by a heap-based buffer over-read in nxt_utf8_decode (nxt/nxt_utf8.c). CVSS v3 base score 9.8 (CRITICAL) indicates high impact on confidentiality, integrity, and availability with network access and no authentication. The provided ...
CVE-2019-12207
njs through 0.3.1, used in NGINX, has a heap-based buffer over-read in nxtutf8decode in nxt/nxtutf8.c...