cve,link,title,description,vendor,products,score,severity,epss,cisa,article,ransomware,exploited,poc,trended,trended_no_1,published,trended_score
CVE-2023-27730,https://securityvulnerability.io/vulnerability/CVE-2023-27730,Segmentation Violation Issue in Nginx NJS by Nginx,"A segmentation violation was detected in Nginx NJS version 0.7.10, specifically within the function njs_lvlhsh_find located in the src/njs_lvlhsh.c file. This vulnerability can lead to potential unauthorized access and exploitation, posing risks to web applications that utilize Nginx NJS for scripting functionality.",F5,Njs,7.5,HIGH,0.0006300000241026282,false,false,false,false,,false,false,2023-04-09T00:00:00.000Z,0
CVE-2023-27729,https://securityvulnerability.io/vulnerability/CVE-2023-27729,Nginx NJS Vulnerability in Version 0.7.10,"A vulnerability has been identified in Nginx NJS version 0.7.10, related to an illegal memcpy operation within the njs_vmcode_return function located in src/njs_vmcode.c. This flaw can have serious implications on data handling, potentially leading to unexpected behavior or unauthorized access. Immediate attention to this issue is suggested for users of the affected version to prevent exploitation.",F5,Njs,7.5,HIGH,0.001069999998435378,false,false,false,false,,false,false,2023-04-09T00:00:00.000Z,0
CVE-2023-27728,https://securityvulnerability.io/vulnerability/CVE-2023-27728,Segmentation Violation in Nginx NJS Affects Multiple Versions,"The Nginx NJS JavaScript module version 0.7.10 has been identified with a segmentation violation that occurs in the njs_dump_is_recursive function, potentially leading to instability or crashes within the application. This vulnerability may expose servers to unauthorized access or denial of service, thereby affecting the reliability of web services built on Nginx.",F5,Njs,7.5,HIGH,0.0006300000241026282,false,false,false,false,,false,false,2023-04-09T00:00:00.000Z,0
CVE-2023-27727,https://securityvulnerability.io/vulnerability/CVE-2023-27727,Segmentation Violation in Nginx NJS Version 0.7.10,"A segmentation violation was identified in Nginx NJS version 0.7.10, specifically in the njs_function_frame function located in src/njs_function.h. This vulnerability could potentially lead to application crashes and interruptions in service. Users are advised to review their implementation of NJS and consider upgrading to a more secure version to mitigate risks.",F5,Njs,7.5,HIGH,0.0006300000241026282,false,false,false,false,,false,false,2023-04-09T00:00:00.000Z,0
CVE-2022-43285,https://securityvulnerability.io/vulnerability/CVE-2022-43285,,Nginx NJS v0.7.4 was discovered to contain a segmentation violation in njs_promise_reaction_job. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input.,F5,Njs,7.5,HIGH,0.0006799999973736703,false,false,false,false,,false,false,2022-10-28T00:00:00.000Z,0
CVE-2022-43284,https://securityvulnerability.io/vulnerability/CVE-2022-43284,,Nginx NJS v0.7.2 to v0.7.4 was discovered to contain a segmentation violation via njs_scope_valid_value at njs_scope.h. NOTE: the vendor disputes the significance of this report because NJS does not operate on untrusted input.,F5,Njs,7.5,HIGH,0.0008399999933317304,false,false,false,false,,false,false,2022-10-28T00:00:00.000Z,0
CVE-2022-43286,https://securityvulnerability.io/vulnerability/CVE-2022-43286,,Nginx NJS v0.7.2 was discovered to contain a heap-use-after-free bug caused by illegal memory copy in the function njs_json_parse_iterator_call at njs_json.c.,F5,Njs,9.8,CRITICAL,0.0021299999207258224,false,false,false,false,,false,false,2022-10-28T00:00:00.000Z,0
CVE-2022-38890,https://securityvulnerability.io/vulnerability/CVE-2022-38890,,Nginx NJS v0.7.7 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h,F5,Njs,5.5,MEDIUM,0.0005099999834783375,false,false,false,false,,false,false,2022-09-15T15:28:36.000Z,0
CVE-2022-34032,https://securityvulnerability.io/vulnerability/CVE-2022-34032,,Nginx NJS v0.7.5 was discovered to contain a segmentation violation in the function njs_value_own_enumerate at src/njs_value.c.,F5,Njs,7.5,HIGH,0.0006799999973736703,false,false,false,false,,false,false,2022-07-18T20:14:17.000Z,0
CVE-2022-34031,https://securityvulnerability.io/vulnerability/CVE-2022-34031,,Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_value_to_number at src/njs_value_conversion.h.,F5,Njs,7.5,HIGH,0.0006799999973736703,false,false,false,false,,false,false,2022-07-18T20:14:16.000Z,0
CVE-2022-34030,https://securityvulnerability.io/vulnerability/CVE-2022-34030,,Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_djb_hash at src/njs_djb_hash.c.,F5,Njs,7.5,HIGH,0.0006799999973736703,false,false,false,false,,false,false,2022-07-18T20:14:15.000Z,0
CVE-2022-34029,https://securityvulnerability.io/vulnerability/CVE-2022-34029,,Nginx NJS v0.7.4 was discovered to contain an out-of-bounds read via njs_scope_value at njs_scope.h.,F5,Njs,9.1,CRITICAL,0.0026400000788271427,false,false,false,false,,false,false,2022-07-18T20:14:14.000Z,0
CVE-2022-34028,https://securityvulnerability.io/vulnerability/CVE-2022-34028,,Nginx NJS v0.7.5 was discovered to contain a segmentation violation via njs_utf8_next at src/njs_utf8.h.,F5,Njs,7.5,HIGH,0.0006799999973736703,false,false,false,false,,false,false,2022-07-18T20:14:13.000Z,0
CVE-2022-34027,https://securityvulnerability.io/vulnerability/CVE-2022-34027,,Nginx NJS v0.7.4 was discovered to contain a segmentation violation via njs_value_property at njs_value.c.,F5,Njs,7.5,HIGH,0.0006799999973736703,false,false,false,false,,false,false,2022-07-18T20:14:12.000Z,0
CVE-2022-32414,https://securityvulnerability.io/vulnerability/CVE-2022-32414,,Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_vmcode_interpreter at src/njs_vmcode.c.,F5,Njs,5.5,MEDIUM,0.0005699999746866524,false,false,false,false,,false,false,2022-06-21T12:57:32.000Z,0
CVE-2022-31307,https://securityvulnerability.io/vulnerability/CVE-2022-31307,,Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_string_offset at src/njs_string.c.,F5,Njs,5.5,MEDIUM,0.0005699999746866524,false,false,false,false,,false,false,2022-06-21T12:57:31.000Z,0
CVE-2022-31306,https://securityvulnerability.io/vulnerability/CVE-2022-31306,,Nginx NJS v0.7.2 was discovered to contain a segmentation violation in the function njs_array_convert_to_slow_array at src/njs_array.c.,F5,Njs,5.5,MEDIUM,0.0005699999746866524,false,false,false,false,,false,false,2022-06-21T12:57:30.000Z,0
CVE-2022-29379,https://securityvulnerability.io/vulnerability/CVE-2022-29379,,"Nginx NJS v0.7.3 was discovered to contain a stack overflow in the function njs_default_module_loader at /src/njs/src/njs_module.c. NOTE: multiple third parties dispute this report, e.g., the behavior is only found in unreleased development code that was not part of the 0.7.2, 0.7.3, or 0.7.4 release",F5,Njs,9.8,CRITICAL,0.0029299999587237835,false,false,false,false,,false,false,2022-05-25T12:56:33.000Z,0
CVE-2022-29369,https://securityvulnerability.io/vulnerability/CVE-2022-29369,,Nginx NJS v0.7.2 was discovered to contain a segmentation violation via njs_lvlhsh_bucket_find at njs_lvlhsh.c.,F5,Njs,7.5,HIGH,0.0009200000204145908,false,false,false,false,,false,false,2022-05-12T18:48:42.000Z,0
CVE-2022-28049,https://securityvulnerability.io/vulnerability/CVE-2022-28049,,NGINX NJS 0.7.2 was discovered to contain a NULL pointer dereference via the component njs_vmcode_array at /src/njs_vmcode.c.,F5,Njs,5.5,MEDIUM,0.0011599999852478504,false,false,false,false,,false,false,2022-04-15T13:06:37.000Z,0
CVE-2022-27007,https://securityvulnerability.io/vulnerability/CVE-2022-27007,,nginx njs 0.7.2 is affected suffers from Use-after-free in njs_function_frame_alloc() when it try to invoke from a restored frame saved with njs_function_frame_save().,F5,Njs,9.8,CRITICAL,0.0038499999791383743,false,false,false,false,,false,false,2022-04-14T14:08:19.000Z,0
CVE-2022-27008,https://securityvulnerability.io/vulnerability/CVE-2022-27008,,nginx njs 0.7.2 is vulnerable to Buffer Overflow. Type confused in Array.prototype.concat() when a slow array appended element is fast array.,F5,Njs,7.5,HIGH,0.0034199999645352364,false,false,false,false,,false,false,2022-04-14T14:04:56.000Z,0
CVE-2021-46463,https://securityvulnerability.io/vulnerability/CVE-2021-46463,,"njs through 0.7.1, used in NGINX, was discovered to contain a control flow hijack caused by a Type Confusion vulnerability in njs_promise_perform_then().",F5,Njs,9.8,CRITICAL,0.003759999992325902,false,false,false,false,,false,false,2022-02-14T21:47:24.000Z,0
CVE-2022-25139,https://securityvulnerability.io/vulnerability/CVE-2022-25139,,"njs through 0.7.0, used in NGINX, was discovered to contain a heap use-after-free in njs_await_fulfilled.",F5,Njs,9.8,CRITICAL,0.003759999992325902,false,false,false,false,,false,false,2022-02-14T21:47:20.000Z,0
CVE-2021-46462,https://securityvulnerability.io/vulnerability/CVE-2021-46462,,"njs through 0.7.1, used in NGINX, was discovered to contain a segmentation violation via njs_object_set_prototype in /src/njs_object.c.",F5,Njs,7.5,HIGH,0.001970000099390745,false,false,false,false,,false,false,2022-02-14T21:47:18.000Z,0