Vulnerabilities

DATE CVE VULNERABILITY TITLE RISK
2024-11-18 CVE-2024-41974 A low privileged remote attacker may modify the BACNet service properties due to incorrect permission assignment for critical resources which may lead to a DoS limited to BACNet communication.
network
low complexity
CWE-732
7.1
2024-11-18 CVE-2024-42383 Unspecified vulnerability in Cesanta Mongoose
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field.
network
low complexity
cesanta
critical
9.8
2024-11-18 CVE-2024-42384 Integer Overflow or Wraparound vulnerability in Cesanta Mongoose
Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application.
network
low complexity
cesanta CWE-190
7.5
2024-11-18 CVE-2024-42385 Unspecified vulnerability in Cesanta Mongoose
Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters.
local
high complexity
cesanta
7.0
2024-11-18 CVE-2024-42386 Unspecified vulnerability in Cesanta Mongoose
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application.
network
low complexity
cesanta
7.5
2024-11-18 CVE-2024-42387 Unspecified vulnerability in Cesanta Mongoose
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
network
low complexity
cesanta
5.3
2024-11-18 CVE-2024-42388 Unspecified vulnerability in Cesanta Mongoose
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
network
low complexity
cesanta
5.3
2024-11-18 CVE-2024-42389 Unspecified vulnerability in Cesanta Mongoose
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
network
low complexity
cesanta
5.3
2024-11-18 CVE-2024-42390 Unspecified vulnerability in Cesanta Mongoose
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
network
low complexity
cesanta
5.3
2024-11-18 CVE-2024-42391 Unspecified vulnerability in Cesanta Mongoose
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
network
low complexity
cesanta
5.3