Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cesanta vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2020-36370
Stack overflow vulnerability in parse_unary Cesanta MJS 1.20.1, allows remote malicious users to cause a Denial of Service (DoS) via a crafted file.
Cesanta Mjs 1.20.1
4.3
CVSSv2
CVE-2020-36374
Stack overflow vulnerability in parse_comparison Cesanta MJS 1.20.1, allows remote malicious users to cause a Denial of Service (DoS) via a crafted file.
Cesanta Mjs 1.20.1
5
CVSSv2
CVE-2018-10945
The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote malicious users to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the mbuf_insert function.
Cesanta Mongoose 6.11
NA
CVE-2023-43338
Cesanta mjs v2.20.0 exists to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). This vulnerability allows malicious users to execute arbitrary code via a crafted input.
Cesanta Mjs 2.20.0
6.4
CVSSv2
CVE-2017-2895
An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of ser...
Cesanta Mongoose 6.8
NA
CVE-2021-36535
Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote malicious users to cause a denial of service via crafted .js file to mjs_set_errorf.
Cesanta Mjs 1.26
7.5
CVSSv2
CVE-2019-19307
An integer overflow in parse_mqtt in mongoose.c in Cesanta Mongoose 6.16 allows an malicious user to achieve remote DoS (infinite loop), or possibly cause an out-of-bounds write, by sending a crafted MQTT protocol packet.
Cesanta Mongoose 6.16
1 Github repository
5
CVSSv2
CVE-2019-13503
mq_parse_http in mongoose.c in Mongoose 6.15 has a heap-based buffer over-read.
Cesanta Mongoose 6.15
1 Github repository
6.4
CVSSv2
CVE-2018-18764
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in a parse_mqtt getu16 call. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read...
Cesanta Mongoose 6.13
6.4
CVSSv2
CVE-2018-18765
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in mg_mqtt_next_subscribe_topic. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory ...
Cesanta Mongoose 6.13
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-5248
CVE-2024-3110
CVE-2024-5552
CVE-2024-29415
HTML injection
CVE-2024-3095
TCP
type confusion
CVE-2024-1800
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
10
NEXT »