Lucene search
+L

1111 matches found

Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.7 views

PT-2026-35156

A weakness has been identified in Cesanta Mongoose up to 7.20. This vulnerability affects the function handle opt of the file /src/net builtin.c of the component TCP Option Handler. This manipulation of the argument optlen causes infinite loop. The attack is possible to be carried out remotely. T...

6.9CVSS5.1AI score0.00565EPSS
Exploits1References6
CNNVD
CNNVD
added 2026/04/25 12:0 a.m.12 views

Cesanta Mongoose 数据伪造问题漏洞

Cesanta Mongoose is a set of embedded server libraries developed by the Irish company Cesanta. It includes functions for TCP and HTTP clients and servers, as well as WenSocket clients and servers. Versions of Cesanta Mongoose 7.20 and earlier contained a data manipulation vulnerability. This...

6.3CVSS5.7AI score0.00217EPSS
Exploits1References1
Positive Technologies
Positive Technologies
added 2026/04/25 12:0 a.m.10 views

PT-2026-35157

A security vulnerability has been detected in Cesanta Mongoose up to 7.20. This issue affects the function mg aes gcm decrypt of the file /src/tls aes128.c of the component GCM Authentication Tag Handler. Such manipulation leads to improper verification of cryptographic signature. The attack may ...

6.3CVSS4.5AI score0.00217EPSS
Exploits1References6
EUVD
EUVD
added 2026/04/02 12:31 p.m.14 views

EUVD-2026-18184

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

6.3CVSS5.2AI score0.00622EPSS
Exploits0References7
EUVD
EUVD
added 2026/04/02 12:31 p.m.9 views

EUVD-2026-18183

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A...

6.3CVSS5.8AI score0.00716EPSS
Exploits0References7
OSV
OSV
added 2026/04/02 10:16 a.m.5 views

DEBIAN-CVE-2026-5246

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

8.1CVSS5.4AI score0.00622EPSS
Exploits0References1
OSV
OSV
added 2026/04/02 10:16 a.m.5 views

DEBIAN-CVE-2026-5245

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A...

8.1CVSS5.8AI score0.00716EPSS
Exploits0References1
NVD
NVD
added 2026/04/02 10:16 a.m.30 views

CVE-2026-5245

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A...

8.1CVSS0.00716EPSS
Exploits0References6
NVD
NVD
added 2026/04/02 10:16 a.m.15 views

CVE-2026-5246

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

8.1CVSS0.00622EPSS
Exploits0References6
OSV
OSV
added 2026/04/02 10:16 a.m.6 views

UBUNTU-CVE-2026-5246

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

8.1CVSS5.4AI score0.00622EPSS
Exploits0References2
OSV
OSV
added 2026/04/02 10:16 a.m.8 views

UBUNTU-CVE-2026-5245

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A...

8.1CVSS5.8AI score0.00716EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/04/02 9:45 a.m.2 views

CVE-2026-5246

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

6.3CVSS5.5AI score0.00622EPSS
Exploits0References7Affected Software1
Debian CVE
Debian CVE
added 2026/04/02 9:45 a.m.7 views

CVE-2026-5246

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

8.1CVSS5.1AI score0.00622EPSS
Exploits0
Cvelist
Cvelist
added 2026/04/02 9:45 a.m.34 views

CVE-2026-5246 Cesanta Mongoose P-384 Public Key mongoose.c mg_tls_verify_cert_signature authorization

A vulnerability was determined in Cesanta Mongoose up to 7.20. Affected is the function mgtlsverifycertsignature of the file mongoose.c of the component P-384 Public Key Handler. Executing a manipulation can lead to authorization bypass. The attack can be executed remotely. Attacks of this nature...

6.3CVSS0.00622EPSS
Exploits0References6
CVE
CVE
added 2026/04/02 9:45 a.m.24 views

CVE-2026-5246

CVEs details (CVE-2026-5246) : Affects Cesanta Mongoose up to version 7.20. The vulnerability is in the function mg_tls_verify_cert_signature (mongoose.c) within the P-384 Public Key Handler. Remote exploitation could lead to an authorization bypass. Exploitation is described as complex, and ther...

8.1CVSS5.5AI score0.00622EPSS
Exploits0References6Affected Software1
EUVD
EUVD
added 2026/04/02 9:30 a.m.4 views

EUVD-2026-18170

A vulnerability has been found in Cesanta Mongoose up to 7.20. This affects the function mgtlsrecvcert of the file mongoose.c of the component TLS 1.3 Handler. Such manipulation of the argument pubkey leads to heap-based buffer overflow. The attack may be launched remotely. The exploit has been...

7.5CVSS7.2AI score0.00727EPSS
Exploits1References7
ATTACKERKB
ATTACKERKB
added 2026/04/02 9:0 a.m.10 views

CVE-2026-5245

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A...

6.3CVSS5.8AI score0.00716EPSS
Exploits0References7Affected Software1
Cvelist
Cvelist
added 2026/04/02 9:0 a.m.31 views

CVE-2026-5245 Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record stack-based overflow

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A...

6.3CVSS0.00716EPSS
Exploits0References6
CVE
CVE
added 2026/04/02 9:0 a.m.31 views

CVE-2026-5245

Cesanta Mongoose up to 7.20 contains a stack-based buffer overflow in the function handle_mdns_record (mongoose.c, mDNS Record Handler) caused by manipulation of the buf argument. Remote exploitation is possible; the exploit is described as difficult with a high attack complexity. A fixed version...

8.1CVSS6.1AI score0.00716EPSS
Exploits0References6Affected Software1
Vulnrichment
Vulnrichment
added 2026/04/02 9:0 a.m.3 views

CVE-2026-5245 Cesanta Mongoose mDNS Record mongoose.c handle_mdns_record stack-based overflow

A vulnerability was found in Cesanta Mongoose up to 7.20. This impacts the function handlemdnsrecord of the file mongoose.c of the component mDNS Record Handler. Performing a manipulation of the argument buf results in stack-based buffer overflow. Remote exploitation of the attack is possible. A...

6.3CVSS6.1AI score0.00716EPSS
Exploits0References6
Rows per page
Query Builder