Lucene search
K

15 matches found

NVD
NVD
added 2019/06/10 5:29 p.m.23 views

CVE-2018-20356

An invalid read of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...

9.8CVSS9.6AI score0.03574EPSS
Exploits1References1
OSV
OSV
added 2019/06/10 5:29 p.m.20 views

CVE-2018-20352

Use-after-free vulnerability in the mgcgievhandler function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...

8.8CVSS7.8AI score
Exploits0References1
OSV
OSV
added 2019/06/10 5:29 p.m.18 views

CVE-2018-20353

An invalid read of 8 bytes due to a use-after-free vulnerability during a "NULL test" in the mghttpgetprotodata function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...

9.8CVSS7.8AI score
Exploits0References1
OSV
OSV
added 2019/06/10 5:29 p.m.23 views

CVE-2018-20356

An invalid read of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...

9.8CVSS7.8AI score
Exploits0References1
OSV
OSV
added 2019/06/10 5:29 p.m.15 views

CVE-2018-20355

An invalid write of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...

9.8CVSS7.9AI score
Exploits0References1
Prion
Prion
added 2019/06/10 5:29 p.m.13 views

Remote code execution

An invalid read of 8 bytes due to a use-after-free vulnerability during a "return" in the mghttpgetprotodata function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...

7.5CVSS9.4AI score0.03574EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/06/10 5:29 p.m.14 views

Design/Logic Flaw

Use-after-free vulnerability in the mgcgievhandler function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...

6.8CVSS8.8AI score0.02725EPSS
Exploits1References1Affected Software1
Prion
Prion
added 2019/06/10 5:29 p.m.15 views

Remote code execution

An invalid read of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...

7.5CVSS9.4AI score0.03574EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/06/10 4:26 p.m.20 views

CVE-2018-20356

An invalid read of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...

9.7AI score0.03574EPSS
Exploits1References1
Cvelist
Cvelist
added 2019/06/10 4:23 p.m.20 views

CVE-2018-20355

An invalid write of 8 bytes due to a use-after-free vulnerability in the mghttpfreeprotodatacgi function call in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...

9.7AI score0.03574EPSS
Exploits1References1
CVE
CVE
added 2019/06/10 4:21 p.m.53 views

CVE-2018-20354

The CVE-2018-20354 issue affects Cesanta Mongoose Embedded Web Server Library (versions 6.13 and earlier). A use-after-free in mg_http_get_proto_data during a return causes an invalid read of 8 bytes, leading to denial of service (crash) or remote code execution. NVD data shows high/critical impa...

9.8CVSS9.6AI score0.03574EPSS
Exploits1References1Affected Software1
CVE
CVE
added 2019/06/10 4:19 p.m.51 views

CVE-2018-20353

The CVE affects Cesanta Mongoose Embedded Web Server Library, versions 6.13 and earlier, where a use-after-free causes an invalid read of 8 bytes in mg_http_get_proto_data. This vulnerability can lead to a denial of service (application crash) or remote code execution. No exploitation details are...

9.8CVSS9.6AI score0.03574EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2019/06/10 4:15 p.m.15 views

CVE-2018-20352

Use-after-free vulnerability in the mgcgievhandler function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.13 and earlier allows a denial of service application crash or remote code execution...

8.9AI score0.02725EPSS
Exploits1References1
NVD
NVD
added 2017/04/10 3:59 p.m.37 views

CVE-2017-7185

Use-after-free vulnerability in the mghttpmultipartwaitforboundary function in mongoose.c in Cesanta Mongoose Embedded Web Server Library 6.7 and earlier and Mongoose OS 1.2 and earlier allows remote attackers to cause a denial of service crash via a multipart/form-data POST request without a MIM...

7.5CVSS7.3AI score0.12251EPSS
Exploits5References6
CVE
CVE
added 2017/04/10 3:0 p.m.63 views

CVE-2017-7185

CVE-2017-7185 is a use-after-free in Cesanta’s Mongoose Embedded Web Server Library (mg_http_multipart_wait_for_boundary) affecting versions<=6.7 and Mongoose OS

7.5CVSS7.2AI score0.12251EPSS
Exploits5References6Affected Software2
Rows per page
Query Builder