cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2023-27727,https://securityvulnerability.io/vulnerability/CVE-2023-27727,Segmentation Violation in Nginx NJS Version 0.7.10,"A segmentation violation was identified in Nginx NJS version 0.7.10, specifically in the njs_function_frame function located in src/njs_function.h. This vulnerability could potentially lead to application crashes and interruptions in service. Users are advised to review their implementation of NJS and consider upgrading to a more secure version to mitigate risks.",F5,Njs,7.5,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-04-09T00:00:00.000Z,0
CVE-2023-27730,https://securityvulnerability.io/vulnerability/CVE-2023-27730,Segmentation Violation Issue in Nginx NJS by Nginx,"A segmentation violation was detected in Nginx NJS version 0.7.10, specifically within the function njs_lvlhsh_find located in the src/njs_lvlhsh.c file. This vulnerability can lead to potential unauthorized access and exploitation, posing risks to web applications that utilize Nginx NJS for scripting functionality.",F5,Njs,7.5,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-04-09T00:00:00.000Z,0
CVE-2023-27729,https://securityvulnerability.io/vulnerability/CVE-2023-27729,Nginx NJS Vulnerability in Version 0.7.10,"A vulnerability has been identified in Nginx NJS version 0.7.10, related to an illegal memcpy operation within the njs_vmcode_return function located in src/njs_vmcode.c. This flaw can have serious implications on data handling, potentially leading to unexpected behavior or unauthorized access. Immediate attention to this issue is suggested for users of the affected version to prevent exploitation.",F5,Njs,7.5,HIGH,0.001069999998435378,false,,false,false,false,,,false,false,,2023-04-09T00:00:00.000Z,0
CVE-2023-27728,https://securityvulnerability.io/vulnerability/CVE-2023-27728,Segmentation Violation in Nginx NJS Affects Multiple Versions,"The Nginx NJS JavaScript module version 0.7.10 has been identified with a segmentation violation that occurs in the njs_dump_is_recursive function, potentially leading to instability or crashes within the application. This vulnerability may expose servers to unauthorized access or denial of service, thereby affecting the reliability of web services built on Nginx.",F5,Njs,7.5,HIGH,0.0006300000241026282,false,,false,false,false,,,false,false,,2023-04-09T00:00:00.000Z,0
CVE-2022-43285,https://securityvulnerability.io/vulnerability/CVE-2022-43285,Nginx NJS Segmentation Violation Exploit,"A segmentation violation was identified in Nginx NJS version 0.7.4 specifically within the njs_promise_reaction_job function. The Nginx team has noted that this issue is under dispute, arguing that NJS does not process untrusted input, which may mitigate its potential impact. However, it is essential for users to stay informed and consider the implications of this vulnerability in their implementations.",F5,Njs,7.5,HIGH,0.0006799999973736703,false,,false,false,false,,,false,false,,2022-10-28T00:00:00.000Z,0
CVE-2022-43286,https://securityvulnerability.io/vulnerability/CVE-2022-43286,Heap-Use-After-Free Vulnerability in Nginx NJS Product,"A vulnerability present in Nginx NJS v0.7.2 is due to a heap-use-after-free error, which arises from an illegal memory copy operation in the function njs_json_parse_iterator_call located in njs_json.c. This flaw can potentially allow attackers to exploit memory mismanagement and lead to unintended behaviors, affecting application stability and security.",F5,Njs,9.8,CRITICAL,0.0021299999207258224,false,,false,false,false,,,false,false,,2022-10-28T00:00:00.000Z,0
CVE-2022-43284,https://securityvulnerability.io/vulnerability/CVE-2022-43284,Segmentation Violation in Nginx NJS Affects Specific Versions,"A segmentation violation has been identified in Nginx NJS versions 0.7.2 through 0.7.4 due to a flaw in the njs_scope_valid_value function at njs_scope.h. Although the vendor, Nginx, asserts that this report's implications are minimal since NJS does not handle untrusted input, users should still remain vigilant in reviewing their implementations and consider upgrading to the latest version for improved security.",F5,Njs,7.5,HIGH,0.0008399999933317304,false,,false,false,false,,,false,false,,2022-10-28T00:00:00.000Z,0
CVE-2022-38890,https://securityvulnerability.io/vulnerability/CVE-2022-38890,Segmentation Violation in Nginx NJS Leading to Disruption,"A vulnerability has been identified in Nginx NJS version 0.7.7 that manifests as a segmentation violation occurring within the `njs_utf8_next` function located in the `src/njs_utf8.h` file. This flaw could lead to unexpected behavior or crashes, potentially disrupting services that rely on this JavaScript module for Nginx. It is crucial for users of this version to assess their systems and apply any necessary patches to mitigate risks associated with this vulnerability.",F5,Njs,5.5,MEDIUM,0.0005099999834783375,false,,false,false,false,,,false,false,,2022-09-15T15:28:36.000Z,0
CVE-2022-34032,https://securityvulnerability.io/vulnerability/CVE-2022-34032,Segmentation Violation in Nginx NJS Affects Web Server Performance,"A segmentation violation has been identified in Nginx NJS version 0.7.5, located in the njs_value_own_enumerate function. This flaw can potentially disrupt normal operations by causing unexpected behavior, which may lead to performance degradation and service interruptions for applications relying on the NJS module.",F5,Njs,7.5,HIGH,0.0007900000200606883,false,,false,false,false,,,false,false,,2022-07-18T20:14:17.000Z,0
CVE-2022-34031,https://securityvulnerability.io/vulnerability/CVE-2022-34031,Segmentation Violation in Nginx NJS Affects Multiple Versions,"A segmentation violation was found in Nginx NJS version 0.7.5. This issue occurs during the conversion of values to numbers within the njs_value_to_number function, which could lead to unexpected behavior and potential disruption of services. It is essential for users of Nginx NJS to assess their environments and ensure they are using patched versions to mitigate potential risks.",F5,Njs,7.5,HIGH,0.0007900000200606883,false,,false,false,false,,,false,false,,2022-07-18T20:14:16.000Z,0
CVE-2022-34030,https://securityvulnerability.io/vulnerability/CVE-2022-34030,Segmentation Violation in Nginx NJS Software,"A segmentation violation has been identified in Nginx NJS version 0.7.5, caused by an issue within the njs_djb_hash function located in src/njs_djb_hash.c. This vulnerability may lead to unexpected behavior or crashes in the affected software, highlighting the importance of keeping software components up to date for security.",F5,Njs,7.5,HIGH,0.0007900000200606883,false,,false,false,false,,,false,false,,2022-07-18T20:14:15.000Z,0
CVE-2022-34029,https://securityvulnerability.io/vulnerability/CVE-2022-34029,Out-of-Bounds Read in Nginx NJS Affecting Nginx Software,Nginx NJS v0.7.4 contains a vulnerability that allows an attacker to exploit an out-of-bounds read condition via the njs_scope_value function located in njs_scope.h. This flaw can potentially lead to information disclosure or unexpected behavior within applications utilizing this middleware.,F5,Njs,9.1,CRITICAL,0.0032599999103695154,false,,false,false,false,,,false,false,,2022-07-18T20:14:14.000Z,0
CVE-2022-34028,https://securityvulnerability.io/vulnerability/CVE-2022-34028,Segmentation Violation in Nginx NJS Product by Nginx,"A vulnerability has been identified in Nginx NJS version 0.7.5, where a segmentation violation occurs through the njs_utf8_next function. This flaw can lead to unexpected crashes or performance issues, potentially affecting the stability of applications relying on this library. Developers using this version should assess their deployments and upgrade to mitigate associated risks.",F5,Njs,7.5,HIGH,0.0007900000200606883,false,,false,false,false,,,false,false,,2022-07-18T20:14:13.000Z,0
CVE-2022-34027,https://securityvulnerability.io/vulnerability/CVE-2022-34027,Segmentation Violation in Nginx NJS Product by Nginx,"The Nginx NJS version 0.7.4 has been identified to experience a segmentation violation within the function njs_value_property located in njs_value.c. This issue can lead to unexpected behavior, potentially impacting application stability and performance, making it essential for users to assess their exposure and take appropriate measures.",F5,Njs,7.5,HIGH,0.0007900000200606883,false,,false,false,false,,,false,false,,2022-07-18T20:14:12.000Z,0
CVE-2022-32414,https://securityvulnerability.io/vulnerability/CVE-2022-32414,Segmentation Violation in Nginx NJS by Nginx,"A vulnerability was identified in Nginx NJS v0.7.2, where a segmentation violation occurs in the njs_vmcode_interpreter function. This issue could potentially lead to application instability or crashes, impacting services that rely on this JavaScript runtime extension for Nginx. Developers are advised to review the issue and apply necessary fixes available in the commit referenced in the project's GitHub repository.",F5,Njs,5.5,MEDIUM,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-06-21T12:57:32.000Z,0
CVE-2022-31307,https://securityvulnerability.io/vulnerability/CVE-2022-31307,Segmentation Violation in Nginx NJS JavaScript Module Activating Credential Exposure,"A segmentation violation was identified in Nginx's NJS JavaScript module version 0.7.2, specifically within the 'njs_string_offset' function. This flaw can lead to unexpected behavior, potentially allowing an attacker to expose sensitive information or disrupt services. It is crucial for users of this module to review their implementations and apply any available patches promptly to safeguard against potential exploitation.",F5,Njs,5.5,MEDIUM,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-06-21T12:57:31.000Z,0
CVE-2022-31306,https://securityvulnerability.io/vulnerability/CVE-2022-31306,Segmentation Violation in Nginx NJS Open Source Software,"A segmentation violation has been identified in Nginx NJS version 0.7.2. This vulnerability occurs within the function njs_array_convert_to_slow_array located in src/njs_array.c. It poses an issue when arrays are being processed, potentially allowing for disruptions during execution. Developers and users should be aware of this vulnerability to ensure appropriate security measures are in place.",F5,Njs,5.5,MEDIUM,0.0005699999746866524,false,,false,false,false,,,false,false,,2022-06-21T12:57:30.000Z,0
CVE-2022-29379,https://securityvulnerability.io/vulnerability/CVE-2022-29379,Stack Overflow Vulnerability in Nginx NJS by Nginx,"A stack overflow vulnerability was identified in the Nginx NJS module version 0.7.3, specifically within the njs_default_module_loader function found in the njs_module.c source file. This flaw can potentially lead to unexpected behavior during execution. It is important to note that there is contention regarding the validity of the reported behavior, with multiple third-party sources indicating that it may occur exclusively in unreleased development code and not in stable versions 0.7.2, 0.7.3, or 0.7.4.",F5,Njs,9.8,CRITICAL,0.003229999914765358,false,,false,false,false,,,false,false,,2022-05-25T12:56:33.000Z,0
CVE-2022-29369,https://securityvulnerability.io/vulnerability/CVE-2022-29369,Segmentation Violation in Nginx NJS Affects Web Performance,"The Nginx NJS framework version 0.7.2 has been identified to exhibit a segmentation violation through the function njs_lvlhsh_bucket_find within the njs_lvlhsh.c file. This vulnerability can lead to unexpected behavior, and potentially impact the stability and performance of web applications utilizing this version. Developers and systems administrators are urged to review their implementations and apply necessary updates or mitigations to safeguard against potential exploitation.",F5,Njs,7.5,HIGH,0.0010499999625608325,false,,false,false,false,,,false,false,,2022-05-12T18:48:42.000Z,0
CVE-2022-28049,https://securityvulnerability.io/vulnerability/CVE-2022-28049,NULL Pointer Dereference in NGINX NJS Affecting Multiple Versions,"A vulnerability has been identified in NGINX NJS 0.7.2 that allows for a NULL pointer dereference through the njs_vmcode_array component located at /src/njs_vmcode.c. This flaw may lead to unexpected behavior or crashes in applications using this library, making it essential for developers and system administrators to apply available updates or patches to mitigate potential risks. For more details, check the advisory links provided.",F5,Njs,5.5,MEDIUM,0.0011599999852478504,false,,false,false,false,,,false,false,,2022-04-15T13:06:37.000Z,0
CVE-2022-27007,https://securityvulnerability.io/vulnerability/CVE-2022-27007,Use-after-free Vulnerability in nginx njs by Nginx,The nginx njs engine version 0.7.2 is vulnerable to a use-after-free issue in the `njs_function_frame_alloc()` function. This vulnerability can be exploited when invoking a function from a restored frame that was previously saved using `njs_function_frame_save()`. Attackers could potentially leverage this flaw to disrupt service or execute arbitrary code by manipulating function frames.,F5,Njs,9.8,CRITICAL,0.0038499999791383743,false,,false,false,false,,,false,false,,2022-04-14T14:08:19.000Z,0
CVE-2022-27008,https://securityvulnerability.io/vulnerability/CVE-2022-27008,Buffer Overflow Vulnerability in nginx njs by NGINX,"The nginx njs version 0.7.2 is susceptible to a buffer overflow vulnerability caused by a type confusion in the Array.prototype.concat() method. This issue arises when a slow array appends an element to a fast array, potentially leading to unexpected behavior and security risks. Users are advised to review the related security advisories and update to patched versions to mitigate potential effects.",F5,Njs,7.5,HIGH,0.0034199999645352364,false,,false,false,false,,,false,false,,2022-04-14T14:04:56.000Z,0
CVE-2021-46463,https://securityvulnerability.io/vulnerability/CVE-2021-46463,Type Confusion Vulnerability in NGINX's njs by F5 Networks,"A Type Confusion vulnerability was identified in njs versions prior to 0.7.1, which is leveraged by NGINX. The issue stems from the njs_promise_perform_then() function, allowing for potential control flow hijacking. This vulnerability could enable an attacker to manipulate application flow and lead to unauthorized actions or data breaches.",F5,Njs,9.8,CRITICAL,0.003759999992325902,false,,false,false,false,,,false,false,,2022-02-14T21:47:24.000Z,0
CVE-2022-25139,https://securityvulnerability.io/vulnerability/CVE-2022-25139,Heap Use-After-Free Vulnerability in NGINX's njs Up to 0.7.0,"A vulnerability in njs, utilized within NGINX, was identified as a heap use-after-free issue in the njs_await_fulfilled function. This flaw can trigger unintended behavior in applications relying on this scripting library, potentially leading to security risks such as code execution or application crashes. It is essential for users to review and update their installations of njs to maintain secure and stable operations.",F5,Njs,9.8,CRITICAL,0.003759999992325902,false,,false,false,false,,,false,false,,2022-02-14T21:47:20.000Z,0
CVE-2021-46462,https://securityvulnerability.io/vulnerability/CVE-2021-46462,Segmentation Violation in NGINX's njs Product,"A segmentation violation has been identified in the njs product, utilized by NGINX, particularly through the njs_object_set_prototype function found in /src/njs_object.c. This vulnerability may lead to unexpected behavior or crashes, impacting the performance and reliability of web applications leveraging NGINX. It's essential for users of njs versions up to 0.7.1 to assess their systems and apply necessary updates to mitigate potential risks. For further details, you can refer to the issues discussed on GitHub.",F5,Njs,7.5,HIGH,0.001970000099390745,false,,false,false,false,,,false,false,,2022-02-14T21:47:18.000Z,0