Vulnerabilities > Cesanta
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2024-01-02 | CVE-2023-49549 | Unspecified vulnerability in Cesanta MJS 2.20.0 An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_getretvalpos function in the msj.c file. | 7.5 |
2024-01-02 | CVE-2023-49550 | Unspecified vulnerability in Cesanta MJS 2.20.0 An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs+0x4ec508 component. | 7.5 |
2024-01-02 | CVE-2023-49551 | Unspecified vulnerability in Cesanta MJS 2.20.0 An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_parse function in the msj.c file. | 7.5 |
2024-01-02 | CVE-2023-49552 | Out-of-bounds Read vulnerability in Cesanta MJS 2.20.0 An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_stringify function in the msj.c file. | 7.5 |
2024-01-02 | CVE-2023-49553 | Unspecified vulnerability in Cesanta MJS 2.20.0 An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_destroy function in the msj.c file. | 7.5 |
2023-12-20 | CVE-2023-50044 | Classic Buffer Overflow vulnerability in Cesanta MJS 2.22.0 Cesanta MJS 2.20.0 has a getprop_builtin_foreign out-of-bounds read if a Built-in API name occurs in a substring of an input string. | 9.8 |
2023-09-23 | CVE-2023-43338 | Out-of-bounds Write vulnerability in Cesanta MJS 2.20.0 Cesanta mjs v2.20.0 was discovered to contain a function pointer hijacking vulnerability via the function mjs_get_ptr(). | 9.8 |
2023-08-22 | CVE-2020-25887 | Classic Buffer Overflow vulnerability in Cesanta Mongoose 6.18 Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file. | 8.8 |
2023-08-09 | CVE-2023-2905 | Out-of-bounds Write vulnerability in Cesanta Mongoose 7.10 Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. | 8.8 |
2023-06-23 | CVE-2023-34188 | Unspecified vulnerability in Cesanta Mongoose The HTTP server in Mongoose before 7.10 accepts requests containing negative Content-Length headers. | 7.5 |