Lucene search
K

28 matches found

RedhatCVE
RedhatCVE
added 2022/05/20 11:55 p.m.40 views

CVE-2017-2921

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and resulting in denial of service and potential remote code execution. An...

9.8CVSS4.2AI score0.31045EPSS
Exploits13References1
RedhatCVE
RedhatCVE
added 2022/05/20 11:50 p.m.41 views

CVE-2017-2893

An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. An MQTT SUBSCRIBE packet can cause a NULL pointer dereference leading to server crash and denial of service. An attacker needs to send a specially crafted MQTT packet ove...

9.8CVSS4.1AI score0.31045EPSS
Exploits13References1
seebug.org
seebug.org
added 2017/11/08 12:0 a.m.43 views

Cesanta Mongoose MQTT SUBSCRIBE Topic Length Information Leak(CVE-2017-2895)

Summary An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of=bounds memory read potentially resulting in information disclosure and denial of service. An...

8.2AI score0.01311EPSS
Exploits1
NVD
NVD
added 2017/11/07 4:29 p.m.19 views

CVE-2017-2921

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and resulting in denial of service and potential remote code execution. An...

9.8CVSS9.4AI score0.02417EPSS
Exploits2References1
OSV
OSV
added 2017/11/07 4:29 p.m.19 views

CVE-2017-2921

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and resulting in denial of service and potential remote code execution. An...

9.8CVSS8.1AI score
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/11/07 4:29 p.m.25 views

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

9.8CVSS7.4AI score0.31045EPSS
Exploits2References2
Prion
Prion
added 2017/11/07 4:29 p.m.17 views

Stack overflow

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

7.5CVSS9.7AI score0.31045EPSS
Exploits2References1Affected Software1
UbuntuCve
UbuntuCve
added 2017/11/07 4:29 p.m.19 views

CVE-2017-2921

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause an integer overflow, leading to a heap buffer overflow and resulting in denial of service and potential remote code execution. An...

9.8CVSS7.2AI score0.02417EPSS
Exploits2References2
UbuntuCve
UbuntuCve
added 2017/11/07 4:29 p.m.21 views

CVE-2017-2922

An exploitable memory corruption vulnerability exists in the Websocket protocol implementation of Cesanta Mongoose 6.8. A specially crafted websocket packet can cause a buffer to be allocated while leaving stale pointers which leads to a use-after-free vulnerability which can be exploited to...

9.8CVSS7.5AI score0.02625EPSS
Exploits2References2
OSV
OSV
added 2017/11/07 4:29 p.m.14 views

CVE-2017-2909

An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8 library. A specially crafted DNS request can cause an infinite loop resulting in high CPU usage and Denial Of Service. An attacker can send a packet over the network to trigger this vulnerability...

7.5CVSS6.5AI score
Exploits0References1
OSV
OSV
added 2017/11/07 4:29 p.m.18 views

CVE-2017-2895

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker...

8.2CVSS6.6AI score
Exploits0References1
OSV
OSV
added 2017/11/07 4:29 p.m.20 views

CVE-2017-2894

An exploitable stack buffer overflow vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause a stack buffer overflow resulting in remote code execution. An attacker needs to send a specially crafted MQTT packet ove...

9.8CVSS7.9AI score
Exploits0References1
NVD
NVD
added 2017/11/07 4:29 p.m.23 views

CVE-2017-2891

An exploitable use-after-free vulnerability exists in the HTTP server implementation of Cesanta Mongoose 6.8. An ordinary HTTP POST request with a CGI target can cause a reuse of previously freed pointer potentially resulting in remote code execution. An attacker needs to send this HTTP request...

9.8CVSS9.7AI score0.0276EPSS
Exploits2References1
Prion
Prion
added 2017/11/07 4:29 p.m.18 views

Security feature bypass

An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8 library. A specially crafted DNS request can cause an infinite loop resulting in high CPU usage and Denial Of Service. An attacker can send a packet over the network to trigger this vulnerability...

7.8CVSS7.3AI score0.01428EPSS
Exploits1References1Affected Software1
UbuntuCve
UbuntuCve
added 2017/11/07 4:29 p.m.26 views

CVE-2017-2909

An infinite loop programming error exists in the DNS server functionality of Cesanta Mongoose 6.8 library. A specially crafted DNS request can cause an infinite loop resulting in high CPU usage and Denial Of Service. An attacker can send a packet over the network to trigger this vulnerability...

7.8CVSS7.1AI score0.01428EPSS
Exploits1References2
UbuntuCve
UbuntuCve
added 2017/11/07 4:29 p.m.24 views

CVE-2017-2895

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT SUBSCRIBE packet can cause an arbitrary out-of-bounds memory read potentially resulting in information disclosure and denial of service. An attacker...

8.2CVSS7.2AI score0.01311EPSS
Exploits1References2
Prion
Prion
added 2017/11/07 4:29 p.m.14 views

Null pointer dereference

An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. An MQTT SUBSCRIBE packet can cause a NULL pointer dereference leading to server crash and denial of service. An attacker needs to send a specially crafted MQTT packet ove...

5CVSS7.3AI score0.24943EPSS
Exploits2References1Affected Software1
UbuntuCve
UbuntuCve
added 2017/11/07 4:29 p.m.18 views

CVE-2017-2893

An exploitable NULL pointer dereference vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. An MQTT SUBSCRIBE packet can cause a NULL pointer dereference leading to server crash and denial of service. An attacker needs to send a specially crafted MQTT packet ove...

7.5CVSS7.1AI score0.24943EPSS
Exploits2References2
Prion
Prion
added 2017/11/07 4:29 p.m.23 views

Design/Logic Flaw

An exploitable use-after-free vulnerability exists in the HTTP server implementation of Cesanta Mongoose 6.8. An ordinary HTTP POST request with a CGI target can cause a reuse of previously freed pointer potentially resulting in remote code execution. An attacker needs to send this HTTP request...

7.5CVSS9.6AI score0.0276EPSS
Exploits2References1Affected Software1
OSV
OSV
added 2017/11/07 4:29 p.m.4 views

DEBIAN-CVE-2017-2892

An exploitable arbitrary memory read vulnerability exists in the MQTT packet parsing functionality of Cesanta Mongoose 6.8. A specially crafted MQTT packet can cause an arbitrary out-of-bounds memory read and write potentially resulting in information disclosure, denial of service and remote code...

9.8CVSS8.1AI score0.02395EPSS
Exploits1References1
Rows per page
Query Builder