Vulnerabilities > Cesanta

DATE CVE VULNERABILITY TITLE RISK
2023-05-09 CVE-2023-30087 Out-of-bounds Write vulnerability in Cesanta MJS 1.26
Buffer Overflow vulnerability found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_mk_string function in mjs.c.
local
low complexity
cesanta CWE-787
5.5
2023-05-09 CVE-2023-30088 Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in Cesanta MJS 1.26
An issue found in Cesanta MJS v.1.26 allows a local attacker to cause a denial of service via the mjs_execute function in mjs.c.
local
low complexity
cesanta CWE-119
5.5
2023-04-24 CVE-2023-29570 Unspecified vulnerability in Cesanta MJS 2.20.0
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_ffi_cb_free at src/mjs_ffi.c.
local
low complexity
cesanta
5.5
2023-02-03 CVE-2021-36535 Out-of-bounds Write vulnerability in Cesanta MJS 1.26
Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote attackers to cause a denial of service via crafted .js file to mjs_set_errorf.
local
low complexity
cesanta CWE-787
5.5
2022-07-26 CVE-2021-33437 Memory Leak vulnerability in Cesanta MJS
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6).
local
low complexity
cesanta CWE-401
5.5
2022-05-03 CVE-2021-27425 Integer Overflow or Wraparound vulnerability in Cesanta Mongoose OS 2.17.0
Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mm_malloc.
network
low complexity
cesanta CWE-190
7.5
2022-02-18 CVE-2022-25299 Files or Directories Accessible to External Parties vulnerability in Cesanta Mongoose
This affects the package cesanta/mongoose before 7.6.
network
low complexity
cesanta CWE-552
5.0
2022-01-27 CVE-2021-46508 Reachable Assertion vulnerability in Cesanta MJS 2.20.0
There is an Assertion `i < parts_cnt' failed at src/mjs_bcode.c in Cesanta MJS v2.20.0.
network
cesanta CWE-617
4.3
2022-01-27 CVE-2021-46509 Uncontrolled Recursion vulnerability in Cesanta MJS 2.20.0
Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c.
local
low complexity
cesanta CWE-674
7.8
2022-01-27 CVE-2021-46510 Reachable Assertion vulnerability in Cesanta MJS 2.20.0
There is an Assertion `s < mjs->owned_strings.buf + mjs->owned_strings.len' failed at src/mjs_gc.c in Cesanta MJS v2.20.0.
network
cesanta CWE-617
4.3