Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cesanta vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2023-49552
An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote malicious user to cause a denial of service via the mjs_op_json_stringify function in the msj.c file.
Cesanta Mjs 2.20.0
7.5
CVSSv3
CVE-2023-49553
An issue in Cesanta mjs 2.20.0 allows a remote malicious user to cause a denial of service via the mjs_destroy function in the msj.c file.
Cesanta Mjs 2.20.0
9.1
CVSSv3
CVE-2021-26528
The mg_http_serve_file function in Cesanta Mongoose HTTP server 7.0 is vulnerable to remote OOB write attack via connection request after exhausting memory pool.
Cesanta Mongoose 7.0
9.1
CVSSv3
CVE-2021-26530
The mg_tls_init function in Cesanta Mongoose HTTPS server 7.0 (compiled with OpenSSL support) is vulnerable to remote OOB write attack via connection request after exhausting memory pool.
Cesanta Mongoose 7.0
5.5
CVSSv3
CVE-2021-36535
Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote malicious users to cause a denial of service via crafted .js file to mjs_set_errorf.
Cesanta Mjs 1.26
7.5
CVSSv3
CVE-2017-2893
An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. An MQTT SUBSCRIBE packet can cause a NULL pointer dereference leading to server crash and denial of service. An attacker needs to send a specially crafte...
Cesanta Mongoose 6.8
8.8
CVSSv3
CVE-2023-2905
Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 a...
Cesanta Mongoose 7.10
5.5
CVSSv3
CVE-2023-30087
Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local malicious user to cause a denial of service via the mjs_mk_string function in mjs.c.
Cesanta Mjs 1.26
5.5
CVSSv3
CVE-2023-30088
An issue found in Cesanta MJS v.1.26 allows a local malicious user to cause a denial of service via the mjs_execute function in mjs.c.
Cesanta Mjs 1.26
7.5
CVSSv3
CVE-2019-13503
mq_parse_http in mongoose.c in Mongoose 6.15 has a heap-based buffer over-read.
Cesanta Mongoose 6.15
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-40673
CVE-2024-36674
CVE-2024-27348
unspecified
CVE-2024-24919
CVE-2024-4870
malicious code
CVE-2024-2019
hard-coded
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
3
4
5
6
7
8
9
10
NEXT »