Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cesanta vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2022-25299
This affects the package cesanta/mongoose prior to 7.6. The unsafe handling of file names during upload using mg_http_upload() method may enable malicious users to write files to arbitrary locations outside the designated target folder.
Cesanta Mongoose
5.5
CVSSv3
CVE-2021-33437
An issue exists in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There are memory leaks in frozen_cb() in mjs.c.
Cesanta Mjs
5.5
CVSSv3
CVE-2021-33438
An issue exists in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in json_parse_array() in mjs.c.
Cesanta Mjs
5.5
CVSSv3
CVE-2021-33439
An issue exists in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is Integer overflow in gc_compact_strings() in mjs.c.
Cesanta Mjs
5.5
CVSSv3
CVE-2021-33440
An issue exists in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c.
Cesanta Mjs
5.5
CVSSv3
CVE-2021-33441
An issue exists in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in exec_expr() in mjs.c.
Cesanta Mjs
5.5
CVSSv3
CVE-2021-33442
An issue exists in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in json_printf() in mjs.c.
Cesanta Mjs
5.5
CVSSv3
CVE-2021-33443
An issue exists in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in mjs_execute() in mjs.c.
Cesanta Mjs
5.5
CVSSv3
CVE-2021-33444
An issue exists in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in getprop_builtin_foreign() in mjs.c.
Cesanta Mjs
5.5
CVSSv3
CVE-2021-33446
An issue exists in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_next() in mjs.c.
Cesanta Mjs
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
validation
CVE-2024-34413
CVE-2024-34089
CVE-2024-33408
local
SQL
CVE-2024-0402
CVE-2024-33910
CVE-2024-31848
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
NEXT »