Vulnerabilities > Espruino > Medium

DATE CVE VULNERABILITY TITLE RISK
2018-05-31 CVE-2018-11593 Out-of-bounds Write vulnerability in Espruino
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and potential Information Disclosure with a user crafted input file via a Buffer Overflow during syntax parsing because strncpy is misused in jslex.c.
network
espruino CWE-787
5.8
5.8
2018-05-31 CVE-2018-11592 Out-of-bounds Read vulnerability in Espruino
Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via an Out-of-bounds Read during syntax parsing in which certain height validation is missing in libs/graphics/jswrap_graphics.c.
network
espruino CWE-125
4.3
4.3
2018-05-31 CVE-2018-11591 NULL Pointer Dereference vulnerability in Espruino
Espruino before 1.98 allows attackers to cause a denial of service (application crash) with a user crafted input file via a NULL pointer dereference during syntax parsing.
network
espruino CWE-476
4.3
4.3
2018-05-31 CVE-2018-11590 Integer Overflow or Wraparound vulnerability in Espruino
Espruino before 1.99 allows attackers to cause a denial of service (application crash) with a user crafted input file via an integer overflow during syntax parsing.
network
espruino CWE-190
4.3
4.3