VYPR

Vendor CVEs

Cesanta

All CVEs

137 total · sorted by risk
  • CVE-2023-29569Apr 14, 2023
    risk 0.00cvss epss 0.00

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via ffi_cb_impl_wpwwwww at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2023-29571Apr 12, 2023
    risk 0.00cvss epss 0.00

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gc_sweep at src/mjs_gc.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-36535Feb 3, 2023
    risk 0.00cvss epss 0.00

    Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote attackers to cause a denial of service via crafted .js file to mjs_set_errorf.

  • CVE-2021-33443Jul 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in mjs_execute() in mjs.c.

  • CVE-2021-33444Jul 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in getprop_builtin_foreign() in mjs.c.

  • CVE-2021-33445Jul 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_string_char_code_at() in mjs.c.

  • CVE-2021-33446Jul 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_next() in mjs.c.

  • CVE-2021-33447Jul 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c.

  • CVE-2021-33449Jul 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_part_get_by_offset() in mjs.c.

  • CVE-2021-33442Jul 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in json_printf() in mjs.c.

  • CVE-2021-33441Jul 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in exec_expr() in mjs.c.

  • CVE-2021-33440Jul 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_commit() in mjs.c.

  • CVE-2021-33439Jul 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is Integer overflow in gc_compact_strings() in mjs.c.

  • CVE-2021-33438Jul 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow in json_parse_array() in mjs.c.

  • CVE-2021-33437Jul 26, 2022
    risk 0.00cvss epss 0.00

    An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There are memory leaks in frozen_cb() in mjs.c.

  • CVE-2021-27425May 3, 2022
    risk 0.00cvss epss 0.02

    Cesanta Software Mongoose-OS v2.17.0 is vulnerable to integer wrap-around in function mm_malloc. This improper memory assignment can lead to arbitrary memory allocation, resulting in unexpected behavior such as a crash or a remote code injection/execution.

  • CVE-2022-25299Feb 18, 2022
    risk 0.00cvss epss 0.01

    This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mg_http_upload() method may enable attackers to write files to arbitrary locations outside the designated target folder.

  • CVE-2021-46556Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_bcode_insert_offset at src/mjs_bcode.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46554Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_json_stringify at src/mjs_json.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46553Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_set_internal at src/mjs_object.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46550Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via free_json_frame at src/mjs_json.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46549Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via parse_cval_type at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46548Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via add_lineno_map_item at src/mjs_bcode.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46547Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x2c17e. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46546Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_next at src/mjs_object.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46544Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/lib/x86_64-linux-gnu/libasan.so.4+0x59e19. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46545Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x4b44b. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46543Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x18e810. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46542Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_print at src/mjs_builtin.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46541Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x2c6ae. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46539Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x45a1f. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46540Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_get_mjs at src/mjs_builtin.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46538Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gc_compact_strings at src/mjs_gc.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46537Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x9a30e. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46535Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0xe533e. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46534Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via getprop_builtin_foreign at src/mjs_exec.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46531Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x8d28e. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46532Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via exec_expr at src/mjs_exec.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46530Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_execute at src/mjs_exec.c. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46529Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x8814e. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46528Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x5361e. This vulnerability can lead to a Denial of Service (DoS).

  • CVE-2021-46527Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_get_cstring at src/mjs_string.c.

  • CVE-2021-46526Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via snquote at src/mjs_json.c.

  • CVE-2021-46525Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap-use-after-free via mjs_apply at src/mjs_exec.c.

  • CVE-2021-46524Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via snquote at mjs/src/mjs_json.c.

  • CVE-2021-46523Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via to_json_or_debug at mjs/src/mjs_json.c.

  • CVE-2021-46522Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via /usr/lib/x86_64-linux-gnu/libasan.so.4+0xaff53.

  • CVE-2021-46520Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_jprintf at src/mjs_util.c.

  • CVE-2021-46521Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via c_vsnprintf at mjs/src/common/str_util.c.

  • CVE-2021-46519Jan 27, 2022
    risk 0.00cvss epss 0.01

    Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_array_length at src/mjs_array.c.