Lucene search
K

7 matches found

OpenVAS
OpenVAS
added 2023/08/10 12:0 a.m.14 views

Cesanta Mongoose Web Server 7.10 Heap-based Buffer Overflow Vulnerability

Cesanta Mongoose Web Server is prone to a heap-based buffer overflow vulnerability. SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...

8.8CVSS6.6AI score0.01014EPSS
Exploits1References2
NVD
NVD
added 2023/08/09 5:15 a.m.12 views

CVE-2023-2905

Due to a failure in validating the length of a provided MQTTCMDPUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not...

8.8CVSS8.7AI score0.01014EPSS
Exploits1References3
CVE
CVE
added 2023/08/09 4:46 a.m.66 views

CVE-2023-2905

CVE-2023-2905 affects Cesanta Mongoose (embedded web server). The vulnerability is a heap-based buffer overflow caused by not validating the length of MQTT_CMD_PUBLISH parsed messages with a variable-length header in version 7.10. Versions 7.9 and earlier are not affected; the issue is resolved i...

8.8CVSS8.7AI score0.01014EPSS
Exploits1References3Affected Software1
Cvelist
Cvelist
added 2023/08/09 4:46 a.m.18 views

CVE-2023-2905 Cesanta Mongoose MQTT Message Parsing Heap Overflow

Due to a failure in validating the length of a provided MQTTCMDPUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not...

9AI score0.01014EPSS
Exploits1References3
OSV
OSV
added 2023/08/09 4:46 a.m.18 views

CVE-2023-2905 Cesanta Mongoose MQTT Message Parsing Heap Overflow

Due to a failure in validating the length of a provided MQTTCMDPUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not...

8.8CVSS6.9AI score0.01014EPSS
Exploits1References5
Debian CVE
Debian CVE
added 2023/08/09 4:46 a.m.5 views

CVE-2023-2905

Due to a failure in validating the length of a provided MQTTCMDPUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not...

8.8CVSS6.9AI score0.01014EPSS
Exploits1
Circl
Circl
added 2000/12/31 11:0 p.m.5 views

CVE-2023-2905

creationtimestamp| type| source ---|---|--- 2000-12-31 23:00:00+00:00| seen| http://takeonme.org/cve/ 2023-08-08 16:37:00+00:00| seen| http://takeonme.org/cves/cve-2023-2905/ 2023-08-09 12:16:21+00:00| seen| https://t.me/cibsecurity/68075...

8.8CVSS6.7AI score0.01014EPSS
Exploits1References3
Rows per page
Query Builder