CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

Cesanta MJS v2.20.0 contains a global buffer overflow via snquote in src/mjs_json.c. Affected component: MJS (embedded JavaScript engine for C/C). Root cause: buffer overflow in snquote. Impact (as per sources): high confidentiality, integrity, and availability. Attack vector: LOCAL; attack compl...

7.8CVSS7.8AI score0.00179EPSS

Exploits1References1Affected Software1

Cvelist•added 2022/01/27 8:22 p.m.•12 views

CVE-2021-46526

Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via snquote at src/mjsjson.c...

8.1AI score0.00179EPSS

Exploits1References1

Cvelist•added 2022/01/27 8:22 p.m.•11 views

CVE-2021-46509

Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjsjson.c...

8AI score0.00179EPSS

Exploits1References1

Prion•added 2021/04/29 2:15 a.m.•10 views

Heap overflow

DISPUTED In mjsjson.c in Cesanta MongooseOS mJS 1.26, a maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjsjsonparse, which can potentially lead to redirection of control flow. NOTE: the original reporter disputes the significance of this finding because...

7.5CVSS9.5AI score0.00611EPSS

Exploits1References3Affected Software1

CVE•added 2021/04/29 12:0 a.m.•72 views

CVE-2021-31875

The CVE concerns Cesanta MongooseOS mJS 1.26, where a maliciously formed JSON string can trigger an off-by-one heap-based buffer overflow in mjs_json_parse. This may lead to redirection of control flow. Affected component: mjs_json_parse in mjs_json.c. Documented impact remains high (potential co...

9.8CVSS9.5AI score0.00611EPSS

Exploits1References3Affected Software1

Rows per page

Query Builder

Family

Bulletin Type

Min CVSS Score

Date

Order by