Dramthy

**Name of the Vulnerable Software and Affected Versions** Nginx NJS version 0.7.5 **Description** The issue is related to a segmentation violation in the `njs value own enumerate()` function at `src/njs value.c` in the Nginx NJS interpreter. This can lead to a buffer overflow in memory, potentially allowing a remote attacker to execute arbitrary code. **Recommendations** For Nginx NJS version 0.7.5, consider disabling the `njs value own enumerate()` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nginx NJS version 0.7.5 **Description** The issue is related to a segmentation violation via the `njs djb hash()` function at `src/njs djb hash.c` in the Nginx NJS interpreter. This can lead to a buffer overflow in memory, potentially allowing a remote attacker to execute arbitrary code. **Recommendations** For Nginx NJS version 0.7.5, consider disabling the `njs djb hash()` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Nginx NJS version 0.7.5 **Description** The issue is related to a segmentation violation via the `njs value to number()` function at `src/njs value conversion.h` in the Nginx NJS interpreter. This can lead to a buffer overflow in memory, potentially allowing a remote attacker to execute arbitrary code. **Recommendations** For Nginx NJS version 0.7.5, consider disabling the `njs value to number()` function as a temporary workaround until a patch is available.

**Name of the Vulnerable Software and Affected Versions** Nginx NJS version 0.7.5 **Description** The issue is related to a segmentation violation via the `njs utf8 next` function at `src/njs utf8.h`. This can lead to a buffer overflow in memory, potentially allowing a remote attacker to execute arbitrary code. **Recommendations** For Nginx NJS version 0.7.5, consider disabling the `njs utf8 next` function as a temporary workaround until a patch is available. Restrict access to the `src/njs utf8.h` module to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.

**Name of the Vulnerable Software and Affected Versions** Nginx NJS version 0.7.4 **Description** The issue is related to a buffer overflow in the njs value property() function of the njs interpreter in the Nginx server. This could allow a remote attacker to execute arbitrary code. The problem is caused by a segmentation violation via the njs value property function at njs value.c. **Recommendations** For Nginx NJS version 0.7.4, consider disabling the njs value property() function as a temporary workaround until a patch is available. Restrict access to the njs interpreter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** Nginx NJS version 0.7.4 **Description** The issue is related to an out-of-bounds read in the `njs scope value()` function of the njs interpreter in the Nginx server. This could allow a remote attacker to execute arbitrary code. The vulnerability is associated with reading data beyond the buffer boundaries in memory. **Recommendations** For Nginx NJS version 0.7.4, consider disabling the `njs scope value()` function as a temporary workaround until a patch is available. Restrict access to the njs interpreter to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HTMLDoc versions 1.9.12 and below **Description** A heap overflow issue was discovered in HTMLDoc via the e node in htmldoc/htmldoc/html.cxx:588. This issue can potentially be exploited. **Recommendations** For HTMLDoc versions 1.9.12 and below, at the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** HTMLDoc version 1.9.15 **Description** A heap overflow issue was discovered in HTMLDoc via the `write header` function in the `/htmldoc/htmldoc/html.cxx` file at line 273. This issue can be exploited, potentially leading to unspecified consequences. **Recommendations** For HTMLDoc version 1.9.15, consider disabling the `write header` function as a temporary workaround until a patch is available. At the moment, there is no information about a newer version that contains a fix for this issue.