Vulnerabilities > Cesanta > High
| DATE | CVE | VULNERABILITY TITLE | RISK |
|---|---|---|---|
| 2024-11-18 | CVE-2024-42384 | Unspecified vulnerability in Cesanta Mongoose Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application. | 7.5 |
| 2024-11-18 | CVE-2024-42385 | Unspecified vulnerability in Cesanta Mongoose Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters. | 7.0 |
| 2024-11-18 | CVE-2024-42386 | Unspecified vulnerability in Cesanta Mongoose Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application. | 7.5 |
| 2024-11-18 | CVE-2024-42392 | Unspecified vulnerability in Cesanta Mongoose Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an infinite loop bug if the input string contains unexpected characters. | 7.5 |
| 2024-01-02 | CVE-2023-49549 | Unspecified vulnerability in Cesanta MJS 2.20.0 An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_getretvalpos function in the msj.c file. | 7.5 |
| 2024-01-02 | CVE-2023-49550 | Unspecified vulnerability in Cesanta MJS 2.20.0 An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs+0x4ec508 component. | 7.5 |
| 2024-01-02 | CVE-2023-49551 | Unspecified vulnerability in Cesanta MJS 2.20.0 An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_parse function in the msj.c file. | 7.5 |
| 2024-01-02 | CVE-2023-49552 | Out-of-bounds Read vulnerability in Cesanta MJS 2.20.0 An Out of Bounds Write in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_op_json_stringify function in the msj.c file. | 7.5 |
| 2024-01-02 | CVE-2023-49553 | Unspecified vulnerability in Cesanta MJS 2.20.0 An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_destroy function in the msj.c file. | 7.5 |
| 2023-08-22 | CVE-2020-25887 | Classic Buffer Overflow vulnerability in Cesanta Mongoose 6.18 Buffer overflow in mg_resolve_from_hosts_file in Mongoose 6.18, when reading from a crafted hosts file. | 8.8 |