Shodan
Vulnerabilities
Vulnerable Software
Cesanta:  Security Vulnerabilities
CVE-2024-42386
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application.
CVSS Score
8.2
EPSS Score
0.003
Published
2024-11-18
CVE-2024-42387
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
CVSS Score
5.3
EPSS Score
0.003
Published
2024-11-18
CVE-2024-42388
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.
CVSS Score
5.3
EPSS Score
0.003
Published
2024-11-18
CVE-2024-42383
Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows to write a NULL byte value beyond the memory space dedicated for the hostname field.
CVSS Score
4.2
EPSS Score
0.003
Published
2024-11-18
CVE-2024-42384
Integer Overflow or Wraparound vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application.
CVSS Score
7.5
EPSS Score
0.004
Published
2024-11-18
CVE-2024-35384
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_array_length function in the mjs.c file.
CVSS Score
5.5
EPSS Score
0.003
Published
2024-05-21
CVE-2024-35385
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_mk_ffi_sig function in the mjs.c file.
CVSS Score
4.3
EPSS Score
0.005
Published
2024-05-21
CVE-2024-35386
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_do_gc function in the mjs.c file.
CVSS Score
7.5
EPSS Score
0.006
Published
2024-05-21
CVE-2023-49549
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs_getretvalpos function in the msj.c file.
CVSS Score
7.5
EPSS Score
0.008
Published
2024-01-02
CVE-2023-49550
An issue in Cesanta mjs 2.20.0 allows a remote attacker to cause a denial of service via the mjs+0x4ec508 component.
CVSS Score
7.5
EPSS Score
0.008
Published
2024-01-02


Products
Pricing
Contact Us

Shodan ® - All rights reserved