Lucene search
K

4 matches found

Redos
Redos
added 2026/05/24 12:0 a.m.9 views

ROS-20260524-73-0056

A vulnerability in the ngxresolvercopy function of the nginx server is related to a single offset error resulting from writing a dot character '.', 0x2E outside of the heap buffer. Exploitation of the vulnerability could allow an attacker acting remotely to execute arbitrary code or cause a denia...

7.7CVSS7.7AI score0.52838EPSS
Exploits10
Redos
Redos
added 2021/09/08 12:0 a.m.7 views

ROS-2-2202

2.2202 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

7.7CVSS9.9AI score0.52838EPSS
Exploits10
Redos
Redos
added 2021/09/08 12:0 a.m.9 views

ROS-2-2151

2.2151 Remote code execution in nginxCVE-2021-23017 1. Vulnerability Description: The vulnerability allows a remote attacker to execute arbitrary code on the target system. The vulnerability exists due to a single error in the ngxresolvercopyfunction when processing DNS responses. A remote...

8.1CVSS8.5AI score0.52838EPSS
Exploits11
RedHat Linux
RedHat Linux
added 2021/06/07 7:37 a.m.3 views

nginx: Off-by-one in ngx_resolver_copy() when labels are followed by a pointer to a root domain name

A flaw was found in nginx. An off-by-one error while processing DNS responses allows a network attacker to write a dot character out of bounds in a heap allocated buffer which can allow overwriting the least significant byte of next heap chunk metadata likely leading to a remote code execution in...

7.7CVSS8AI score0.52838EPSS
Exploits10References4
Rows per page
Query Builder