18 matches found
Cesanta Mongoose Embedded Web Server Library Resource Management Error Vulnerability (CNVD-2019-22662)
Cesanta Mongoose Embedded Web Server Library is a cross-platform embedded server and web library written in C. It is designed to be used with a wide range of applications, including... A resource management error vulnerability exists in the 'mghttpgetprotodata' function of the mongoose.c file in...
Cesanta Mongoose Embedded Web Server Library Resource Management Error Vulnerability (CNVD-2019-22655)
Cesanta Mongoose Embedded Web Server Library is a cross-platform embedded server and web library written in C. It is designed to be used with a wide range of applications, including... A resource management error vulnerability exists in the 'mgcgievhandler' function of the mongoose.c file in...
CVE-2018-20352
Use-after-free vulnerability in the mgcgievhandler function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...
CVE-2018-20356
An invalid read of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...
CVE-2018-20353
An invalid read of 8 bytes due to a use-after-free vulnerability during a "NULL test" in the mghttpgetprotodata function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...
CVE-2018-20355
An invalid write of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...
CVE-2018-20356
An invalid read of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...
Remote code execution
An invalid read of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...
Remote code execution
An invalid read of 8 bytes due to a use-after-free vulnerability during a "return" in the mghttpgetprotodata function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...
Design/Logic Flaw
Use-after-free vulnerability in the mgcgievhandler function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...
CVE-2018-20356
An invalid read of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...
CVE-2018-20355
An invalid write of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...
CVE-2018-20354
The CVE-2018-20354 issue affects Cesanta Mongoose Embedded Web Server Library (versions 6.13 and earlier). A use-after-free in mg_http_get_proto_data during a return causes an invalid read of 8 bytes, leading to denial of service (crash) or remote code execution. NVD data shows high/critical impa...
CVE-2018-20353
The CVE affects Cesanta Mongoose Embedded Web Server Library, versions 6.13 and earlier, where a use-after-free causes an invalid read of 8 bytes in mg_http_get_proto_data. This vulnerability can lead to a denial of service (application crash) or remote code execution. No exploitation details are...
CVE-2018-20352
Use-after-free vulnerability in the mgcgievhandler function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...
CVE-2017-7185
Use-after-free vulnerability in the mghttpmultipartwaitforboundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and earlier and Mongoose OS 1.2 and earlier allows remote attackers to cause a denial of service crash via a multipart/form-data POST request without a MIM...
CVE-2017-7185
Use-after-free vulnerability in the mghttpmultipartwaitforboundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and earlier and Mongoose OS 1.2 and earlier allows remote attackers to cause a denial of service crash via a multipart/form-data POST request without a MIM...
CVE-2017-7185
CVE-2017-7185 is a use-after-free in Cesanta’s Mongoose Embedded Web Server Library (mg_http_multipart_wait_for_boundary) affecting versions<=6.7 and Mongoose OS