Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cesanta vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv2
CVE-2017-2891
An exploitable use-after-free vulnerability exists in the HTTP server implementation of Cesanta Mongoose 6.8. An ordinary HTTP POST request with a CGI target can cause a reuse of previously freed pointer potentially resulting in remote code execution. An attacker needs to send th...
Cesanta Mongoose 6.8
5
CVSSv2
CVE-2017-2893
An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. An MQTT SUBSCRIBE packet can cause a NULL pointer dereference leading to server crash and denial of service. An attacker needs to send a specially crafte...
Cesanta Mongoose 6.8
6.4
CVSSv2
CVE-2017-2895
An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of ser...
Cesanta Mongoose 6.8
7.8
CVSSv2
CVE-2017-2909
An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8 library. A specially crafted DNS request can cause an infinite loop resulting in high CPU usage and Denial Of Service. An attacker can send a packet over the network to trigger this ...
Cesanta Mongoose 6.8
7.5
CVSSv2
CVE-2017-2922
An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be ...
Cesanta Mongoose 6.8
6.4
CVSSv2
CVE-2018-18764
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in a parse_mqtt getu16 call. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read...
Cesanta Mongoose 6.13
6.4
CVSSv2
CVE-2018-18765
An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. It is a heap-based buffer over-read in mg_mqtt_next_subscribe_topic. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory ...
Cesanta Mongoose 6.13
4.3
CVSSv2
CVE-2020-36366
Stack overflow vulnerability in parse_value Cesanta MJS 1.20.1, allows remote malicious users to cause a Denial of Service (DoS) via a crafted file.
Cesanta Mjs 1.20.1
4.3
CVSSv2
CVE-2020-36367
Stack overflow vulnerability in parse_block Cesanta MJS 1.20.1, allows remote malicious users to cause a Denial of Service (DoS) via a crafted file.
Cesanta Mjs 1.20.1
4.3
CVSSv2
CVE-2020-36368
Stack overflow vulnerability in parse_statement Cesanta MJS 1.20.1, allows remote malicious users to cause a Denial of Service (DoS) via a crafted file.
Cesanta Mjs 1.20.1
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
encryption
CVE-2024-4331
CVE-2024-26925
arbitrary code
CVE-2006-4304
CVE-2024-25458
CVE-2024-27077
reflected XSS
CVE-2024-4059
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
9
NEXT »