Lucene search
+L

20 matches found

BDU FSTEC
BDU FSTEC
added 4 days ago4 views

The vulnerability of the ngx_http_js_module module in the NGINX JavaScript (njs) interpreter allows a attacker to execute arbitrary code or cause a service failure.

The vulnerability of the ngxhttpjsmodule module in the NGINX JavaScript njs interpreter is related to buffer overflows in dynamic memory. Exploiting this vulnerability allows a remote attacker to execute arbitrary code or cause a service failure...

8.1CVSS6.4AI score0.00889EPSS
Exploits0References4Affected Software2
BDU FSTEC
BDU FSTEC
added 2023/12/04 12:0 a.m.9 views

The vulnerability of the njs_function_frame function (src/njs_function.h) in the njs interpreter of the nginx server allows a hacker to cause a service failure.

The vulnerability of the njsfunctionframe function src/njsfunction.h in the njs interpreter of the nginx server is related to reading beyond the memory boundaries. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.8CVSS7.2AI score0.00732EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2023/12/04 12:0 a.m.6 views

Vulnerability of the njs_lvlhsh_find function in the njs interpreter of the nginx server, allowing a hacker to cause a service failure

The vulnerability of the jsvmcodereturn function src/njsvmcode.c in the njs interpreter of the nginx server is related to reading beyond the memory boundaries. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.8CVSS7.2AI score0.0074EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2023/04/09 12:0 a.m.6 views

PT-2023-7316 · Nginx · Nginx Njs

Name of the Vulnerable Software and Affected Versions: Nginx NJS version 0.7.10 Description: The issue is related to a segmentation violation via the function njs dump is recursive at src/njs vmcode.c. This is caused by a memory boundary read issue in the njs dump is recursive function of the Ngi...

7.8CVSS7.2AI score0.0074EPSS
Exploits1References9
BDU FSTEC
BDU FSTEC
added 2022/11/03 12:0 a.m.7 views

The vulnerability of the njs_promise_reaction_job function in the njs interpreter of the nginx server allows a attacker to cause a service failure.

The vulnerability of the njspromisereactionjob function in the njs interpreter of the nginx server is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

7.8CVSS7.6AI score0.0074EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/11/03 12:0 a.m.8 views

The vulnerability of the njs_json_parse_iterator_call function (njs_json.c) in the njs interpreter of the nginx server allows a hacker to execute arbitrary code.

The vulnerability of the njsjsonparseiteratorcall function njsjson.c in the njs interpreter of the nginx server is related to the use of memory after it is freed. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

10CVSS8.1AI score0.00898EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/08/22 12:0 a.m.6 views

The vulnerability of the njs_array_convert_to_slow_array function (src/njs_array.c) in the NJS interpreter of the nginx server allows a attacker to increase their privileges.

The vulnerability of the njsarrayconverttoslowarray function src/njsarray.c in the njs interpreter of the nginx server involves an uncontrolled resource consumption. Exploiting this vulnerability can allow a remote attacker to increase their privileges...

5.5CVSS6AI score0.00628EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/27 12:0 a.m.7 views

The vulnerability of the njs_default_module_loader function in the njs interpreter of the nginx server allows a attacker to compromise the confidentiality, integrity, and accessibility of the protected information.

The vulnerability of the njsdefaultmoduleloader function /src/njs/src/njsmodule.c in the njs interpreter of the nginx server is caused by an overflow of the stack buffer. Exploiting this vulnerability could allow a remote attacker to compromise the confidentiality, integrity, and accessibility of...

5.5CVSS7.8AI score0.01691EPSS
Exploits1References6Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.9 views

Vulnerability of the njs_utf8_next() function (src/njs_utf8.h) in the njs interpreter of the nginx server, allowing a attacker to execute arbitrary code

The vulnerability of the njsutf8next function src/njsutf8.h in the njs interpreter of the nginx server is related to the execution of an operation outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.5CVSS8AI score0.00982EPSS
Exploits1References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.6 views

Vulnerability of the njs_value_property() function (njs_value.c) in the njs interpreter of the nginx server, allowing a hacker to execute arbitrary code

The vulnerability of the njsvalueproperty function njsvalue.c in the njs interpreter of the nginx server is related to the execution of operations outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.5CVSS8AI score0.00851EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.9 views

Vulnerability of the njs_djb_hash() function (src/njs_djb_hash.c) in the njs interpreter of the nginx server, allowing a hacker to execute arbitrary code

The vulnerability of the njsdjbhash function src/njsdjbhash.c in the njs interpreter of the nginx server is related to the execution of an operation outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.5CVSS8AI score0.00851EPSS
Exploits1References2Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.12 views

The vulnerability of the njs_vmcode_interpreter function (src/njs_vmcode.c) in the njs interpreter of the nginx server allows a hacker to cause a service failure.

The vulnerability of the njsvmcodeinterpreter function src/njsvmcode.c in the njs interpreter of the nginx server involves an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service failures remotely...

5.5CVSS5.9AI score0.00628EPSS
Exploits1References5Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/07/20 12:0 a.m.6 views

Vulnerability of the njs_value_own_enumerate() function (src/njs_value.c) in the njs interpreter of the nginx server, allowing a hacker to execute arbitrary code

The vulnerability of the njsvalueownenumerate function src/njsvalue.c in the njs interpreter of the nginx server is related to the execution of an operation outside of the buffer in memory. Exploiting this vulnerability could allow a remote attacker to execute arbitrary code...

7.5CVSS8AI score0.00851EPSS
Exploits1References4Affected Software1
Positive Technologies
Positive Technologies
added 2022/07/18 12:0 a.m.3 views

PT-2022-3708 · Nginx · Nginx Njs

Name of the Vulnerable Software and Affected Versions: Nginx NJS version 0.7.4 Description: The issue is related to a buffer overflow in the njs value property function of the njs interpreter in the Nginx server. This could allow a remote attacker to execute arbitrary code. The problem is caused ...

7.5CVSS7.9AI score0.00851EPSS
Exploits1References6
BDU FSTEC
BDU FSTEC
added 2022/07/06 12:0 a.m.9 views

The vulnerability of the njs_value_own_enumerate() function in the njs interpreter of the nginx server allows a hacker to cause a service failure.

The vulnerability of the njsvalueownenumerate function in the njs interpreter of the nginx server is related to the execution of an operation outside the buffer in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.8CVSS6.4AI score0.00384EPSS
Exploits1References5Affected Software1
CNNVD
CNNVD
added 2022/06/21 12:0 a.m.5 views

Nginx 资源管理错误漏洞

Nginx is a lightweight web server/reverse proxy server and email IMAP/POP3 proxy server from Nginx Inc. in the United States. njs is one of the scripting language components that supports extended NGINX functionality. A security vulnerability exists in Nginx NJS version v0.7.2, which stems from a...

5.5CVSS5.6AI score0.00628EPSS
Exploits1References3
BDU FSTEC
BDU FSTEC
added 2022/05/26 12:0 a.m.5 views

The vulnerability of the njs_vmcode_array component in the njs interpreter of the nginx server allows a hacker to cause a service failure.

The vulnerability of the njsvmcodearray component /src/njsvmcode.c. of the njs interpreter on the nginx server is related to pointer arithmetic errors. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

5.5CVSS6.7AI score0.00804EPSS
Exploits1References9Affected Software4
BDU FSTEC
BDU FSTEC
added 2022/05/23 12:0 a.m.6 views

Vulnerability of the njs_lvlhsh_bucket_find() function (njs_lvlhsh.c) in the njs interpreter of the nginx server, allowing a hacker to cause a service failure

The vulnerability of the njslvlhshbucketfind function njslvlhsh.c in the njs interpreter of the nginx server involves an uncontrolled resource consumption. Exploiting this vulnerability could allow a malicious actor to cause service interruptions remotely...

5.3CVSS7.2AI score0.01099EPSS
Exploits0References4Affected Software1
BDU FSTEC
BDU FSTEC
added 2022/04/28 12:0 a.m.7 views

The vulnerability of the Array.prototype.concat() function in the njs interpreter on the nginx server allows a hacker to cause a service failure.

The vulnerability of the Array.prototype.concat function in the njs interpreter on the nginx server is related to the execution of the operation beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a remote attacker to cause a service failure...

7.8CVSS7.7AI score0.01698EPSS
Exploits1References3Affected Software1
BDU FSTEC
BDU FSTEC
added 2021/04/21 12:0 a.m.6 views

The vulnerability of the njs interpreter on the nginx server, which allows attackers to cause service failures.

The vulnerability of the njs interpreter on the nginx server is related to reading beyond the buffer boundaries. Exploiting this vulnerability can allow a remote attacker to cause service interruptions...

6.5CVSS7AI score0.01305EPSS
Exploits1References5Affected Software2
Rows per page
Query Builder