Vulnerabilities > Moddable > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-11-19 CVE-2021-29323 Out-of-bounds Write vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow via the component /modules/network/wifi/esp/modwifi.c.
network
moddable CWE-787
4.3
2021-11-19 CVE-2021-29324 Allocation of Resources Without Limits or Throttling vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain a stack overflow via the component /moddable/xs/sources/xsScript.c.
network
moddable CWE-770
6.8
2021-11-19 CVE-2021-29325 Out-of-bounds Write vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_String_prototype_repeat function at /moddable/xs/sources/xsString.c.
network
moddable CWE-787
6.8
2021-11-19 CVE-2021-29326 Out-of-bounds Write vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fxIDToString function at /moddable/xs/sources/xsSymbol.c.
network
moddable CWE-787
6.8
2021-11-19 CVE-2021-29327 Out-of-bounds Write vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain a heap buffer overflow in the fx_ArrayBuffer function at /moddable/xs/sources/xsDataView.c.
network
moddable CWE-787
6.8
2021-11-19 CVE-2021-29328 Out-of-bounds Read vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain buffer over-read in the fxDebugThrow function at /moddable/xs/sources/xsDebug.c.
network
moddable CWE-125
5.8
2021-11-19 CVE-2021-29329 Allocation of Resources Without Limits or Throttling vulnerability in Moddable 10.5.0
OpenSource Moddable v10.5.0 was discovered to contain a stack overflow in the fxBinaryExpressionNodeDistribute function at /moddable/xs/sources/xsTree.c.
network
moddable CWE-770
6.8
2021-07-13 CVE-2020-22882 Type Confusion vulnerability in Moddable Os180328/Os180329
Issue was discovered in the fxParserTree function in moddable, allows attackers to cause denial of service via a crafted payload.
network
low complexity
moddable CWE-843
5.0
2020-12-04 CVE-2020-25465 NULL Pointer Dereference vulnerability in Moddable
Null Pointer Dereference.
network
low complexity
moddable CWE-476
5.0
2020-12-04 CVE-2020-25464 Out-of-bounds Write vulnerability in Moddable Os180328/Os180329/Os200831
Heap buffer overflow at moddable/xs/sources/xsDebug.c in Moddable SDK before before 20200903.
network
low complexity
moddable CWE-787
5.0