-
Latest security vulnerabilities Nginx products
Jun 6, 2021 | 00:00 am
NGINX before 1.13.6 has a buffer overflow for years that exceed four digits, as demonstrated by a file with a modification date in 1969 that causes an integer overflow (or a false modification date far in the future), when encountered[…]
Read more...
-
Latest security vulnerabilities Nginx products
Jun 1, 2021 | 00:00 am
A security issue in nginx resolver was identified, which might allow an attacker who is able to forge UDP packets from the DNS server to cause 1-byte memory overwrite, resulting in worker process crash or potential other impact. (CVSS:7.5) (Last[…]
Read more...
-
Latest security vulnerabilities Nginx products
Aug 13, 2020 | 00:00 am
njs through 0.4.3, used in NGINX, has a use-after-free in njs_json_parse_iterator_call in njs_json.c. (CVSS:6.8) (Last Update:2020-09-18)
Read more...
-
Latest security vulnerabilities Nginx products
Jan 9, 2020 | 00:00 am
NGINX before 1.17.7, with certain error_page configurations, allows HTTP request smuggling, as demonstrated by the ability of an attacker to read unauthorized web pages in environments where NGINX is being fronted by a load balancer. (CVSS:4.3) (Last Update:2020-01-15)
Read more...
-
Latest security vulnerabilities Nginx products
Aug 13, 2019 | 00:00 am
Some HTTP/2 implementations are vulnerable to window size manipulation and stream prioritization manipulation, potentially leading to a denial of service. The attacker requests a large amount of data from a specified resource over multiple streams. They manipulate window size and[…]
Read more...
-
Latest security vulnerabilities Nginx products
Jul 16, 2019 | 00:00 am
njs through 0.3.3, used in NGINX, has a heap-based buffer over-read in nxt_vsprintf in nxt/nxt_sprintf.c during error handling, as demonstrated by an njs_regexp_literal call that leads to an njs_parser_lexer_error call and then an njs_parser_scope_error call. (CVSS:4.3) (Last Update:2020-08-24)
Read more...
-
Latest security vulnerabilities Nginx products
Jun 30, 2019 | 00:00 am
njs through 0.3.3, used in NGINX, has a buffer over-read in nxt_utf8_decode in nxt/nxt_utf8.c. This issue occurs after the fix for CVE-2019-12207 is in place. (CVSS:7.5) (Last Update:2019-07-05)
Read more...
-
Latest security vulnerabilities Nginx products
May 20, 2019 | 00:00 am
njs through 0.3.1, used in NGINX, has a heap-based buffer overflow in nxt_utf8_encode in nxt_utf8.c. (CVSS:7.5) (Last Update:2020-08-24)
Read more...
-
Latest security vulnerabilities Nginx products
May 9, 2019 | 00:00 am
njs through 0.3.1, used in NGINX, has a segmentation fault in String.prototype.toBytes for negative arguments, related to nxt_utf8_next in nxt/nxt_utf8.h and njs_string_offset in njs/njs_string.c. (CVSS:5.0) (Last Update:2019-05-09)
Read more...
-
Latest security vulnerabilities Nginx products
Feb 8, 2019 | 00:00 am
NGINX Unit before 1.7.1 might allow an attacker to cause a heap-based buffer overflow in the router process with a specially crafted request. This may result in a denial of service (router process crash) or possibly have unspecified other impact.[…]
Read more...
Jedesmal, wenn mit eingeschaltetem AdBlocker eine Webseite besucht wird, stirbt in einem Labor ein unschuldiges, niedliches Kaninchen einen grausamen Tod! Zusätzlich werden einige Funktionen dieser Webseite durch den AdBlocker blockiert. Bitte deaktivieren Sie Ihren AdBlocker für diese Webseite und retten Sie unschuldige Kaninchen!