CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

show all

412 matches found

OSV•added 2026/06/11 8:54 p.m.•3 views

USN-8425-1 libnginx-mod-js vulnerability

It was discovered that njs did not properly handle certain client- controlled variables when processing ngx.fetch requests. An attacker could possibly use this issue to trigger a heap buffer overflow, resulting in arbitrary code execution or a denial of service...

9.8CVSS6.3AI score0.00889EPSS

Exploits0References2

RedhatCVE•added 2026/01/09 10:56 a.m.•8 views

CVE-2022-38890

Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njsutf8next at src/njsutf8.h...

5.5CVSS7.3AI score0.00284EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:48 a.m.•9 views

CVE-2022-31306

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsarrayconverttoslowarray at src/njsarray.c...

5.5CVSS7.3AI score0.00613EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:46 a.m.•8 views

CVE-2022-31307

Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njsstringoffset at src/njsstring.c...

5.5CVSS7.3AI score0.00613EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:40 a.m.•8 views

CVE-2022-35173

An issue was discovered in Nginx NJS v0.7.5. The JUMP offset for a break instruction was not set to a correct offset during code generation, leading to a segmentation violation...

7.5CVSS7AI score0.0108EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:11 a.m.•6 views

CVE-2019-11838

njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.splice after a resize, related to njsarrayprototypesplice in njs/njsarray.c, because of njsarrayexpand size mishandling...

9.8CVSS7.3AI score0.01598EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 10:9 a.m.•5 views

CVE-2019-11839

njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in Array.prototype.push after a resize, related to njsarrayprototypepush in njs/njsarray.c, because of njsarrayexpand size mishandling...

9.8CVSS7.3AI score0.01643EPSS

Exploits1References1

RedhatCVE•added 2026/01/09 9:50 a.m.•8 views

CVE-2020-24348

njs through 0.4.3, used in NGINX, has an out-of-bounds read in njsjsonstringifyiterator in njsjson.c...

5.5CVSS6.9AI score0.00418EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:48 a.m.•6 views

CVE-2022-27007

nginx njs 0.7.2 is affected suffers from Use-after-free in njsfunctionframealloc when it try to invoke from a restored frame saved with njsfunctionframesave...

9.8CVSS6.8AI score0.01545EPSS

Exploits1References1

RedhatCVE•added 2026/01/07 9:28 a.m.•9 views

CVE-2019-12208

njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in njsfunctionnativecall in njs/njsfunction.c...

9.8CVSS7.3AI score0.01708EPSS

Exploits1References1