Vulnerabilities (CVE)

  1. OpenCVE
  2. Vulnerabilities (CVE)
Filtered by vendor Cesanta Subscribe
Total 128 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2024-42383 1 Cesanta 1 Mongoose 2024-11-19 N/A 9.8 CRITICAL
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field.
CVE-2024-42385 1 Cesanta 1 Mongoose 2024-11-19 N/A 7.0 HIGH
Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters.
CVE-2024-42386 1 Cesanta 1 Mongoose 2024-11-19 N/A 7.5 HIGH
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application.
CVE-2024-42387 1 Cesanta 1 Mongoose 2024-11-19 N/A 5.3 MEDIUM
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
CVE-2024-42388 1 Cesanta 1 Mongoose 2024-11-19 N/A 5.3 MEDIUM
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
CVE-2024-42389 1 Cesanta 1 Mongoose 2024-11-19 N/A 5.3 MEDIUM
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
CVE-2024-42390 1 Cesanta 1 Mongoose 2024-11-19 N/A 5.3 MEDIUM
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
CVE-2024-42391 1 Cesanta 1 Mongoose 2024-11-19 N/A 5.3 MEDIUM
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.