Vulnerabilities > Cesanta
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2018-10-29 | CVE-2018-18765 | Out-of-bounds Read vulnerability in Cesanta Mongoose 6.13 An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. | 9.1 |
| 2018-10-29 | CVE-2018-18764 | Out-of-bounds Read vulnerability in Cesanta Mongoose 6.13 An exploitable arbitrary memory read vulnerability exists in the MQTT packet-parsing functionality of Cesanta Mongoose 6.13. | 9.1 |
| 2018-06-19 | CVE-2018-10945 | NULL Pointer Dereference vulnerability in Cesanta Mongoose 6.11 The mg_handle_cgi function in mongoose.c in Mongoose 6.11 allows remote attackers to cause a denial of service (heap-based buffer over-read and application crash, or NULL pointer dereference) via an HTTP request, related to the mbuf_insert function. | 7.5 |
| 2017-11-07 | CVE-2017-2922 | Use After Free vulnerability in Cesanta Mongoose 6.8 An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. | 9.8 |
| 2017-11-07 | CVE-2017-2921 | Integer Overflow or Wraparound vulnerability in Cesanta Mongoose 6.8 An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. | 9.8 |
| 2017-11-07 | CVE-2017-2909 | Infinite Loop vulnerability in Cesanta Mongoose 6.8 An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8 library. | 7.5 |
| 2017-11-07 | CVE-2017-2895 | Out-of-bounds Read vulnerability in Cesanta Mongoose 6.8 An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. | 8.2 |
| 2017-11-07 | CVE-2017-2894 | Out-of-bounds Write vulnerability in Cesanta Mongoose 6.8 An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. | 9.8 |
| 2017-11-07 | CVE-2017-2893 | NULL Pointer Dereference vulnerability in Cesanta Mongoose 6.8 An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. | 7.5 |
| 2017-11-07 | CVE-2017-2892 | Integer Overflow or Wraparound vulnerability in Cesanta Mongoose 6.8 An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. | 9.8 |