1230 matches found
CVE-2021-46553
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjssetinternal at src/mjsobject.c. This vulnerability can lead to a Denial of Service DoS...
CVE-2021-46548
CVE-2021-46548 concerns Cesanta MJS v2.20.0, which contains a SEGV vulnerability triggered by add_lineno_map_item in src/mjs_bcode.c, leading to a Denial of Service. Affected: Cesanta MJS (embedded JavaScript engine for C/C) with DoS risk; exploitation or remediation details are not provided in t...
CVE-2021-46549
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via parsecvaltype at src/mjsffi.c. This vulnerability can lead to a Denial of Service DoS...
CVE-2021-46546
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjsnext at src/mjsobject.c. This vulnerability can lead to a Denial of Service DoS...
CVE-2021-46538
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gccompactstrings at src/mjsgc.c. This vulnerability can lead to a Denial of Service DoS...
CVE-2021-46534
Cesanta MJS v2.20.0 contains a SEGV vulnerability exploitable via getprop_builtin_foreign in src/mjs_exec.c, which can lead to a Denial of Service. Affected product is Cesanta MJS (embedded JavaScript engine for C/C from Cesanta Ireland). The available documents confirm the vulnerability but do n...
CVE-2021-46532
CVE-2021-46532 affects Cesanta MJS v2.20.0. The issue is a segmentation fault triggered by exec_expr in src/mjs_exec.c, leading to a Denial of Service. Exploitation details are not provided in the documents. Affected component is the MJS JavaScript engine used in C/C for microcontrollers; root ca...
CVE-2021-46527
Cesanta MJS v2.20.0 contains a heap buffer overflow triggered by mjs_get_cstring in src/mjs_string.c. This CVE (CVE-2021-46527) is documented with a CVSS v3.1 base score of 7.8 (HIGH) [attack vector: LOCAL, attack complexity: LOW, privileges required: NONE, user interaction: REQUIRED; confidentia...
CVE-2021-46526
Cesanta MJS v2.20.0 contains a global buffer overflow via snquote in src/mjs_json.c. Affected component: MJS (embedded JavaScript engine for C/C). Root cause: buffer overflow in snquote. Impact (as per sources): high confidentiality, integrity, and availability. Attack vector: LOCAL; attack compl...
CVE-2021-46526
Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via snquote at src/mjsjson.c...
CVE-2021-46520
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjsjprintf at src/mjsutil.c...
CVE-2021-46519
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjsarraylength at src/mjsarray.c...
CVE-2021-46518
CVE-2021-46518 affects Cesanta MJS v2.20.0 and is caused by a heap buffer overflow in the mjs_disown function (src/mjs_core.c). The connected sources confirm a heap overflow condition, with CP partial/INT/AVAIL impacts per CVSS, but the specific exploit details, affected OS/vendor version ranges,...
CVE-2021-46512
CVE-2021-46512 affects Cesanta MJS v2.20.0. A SEGV vulnerability is triggered via mjs_apply in src/mjs_exec.c, leading to Denial of Service. The provided documents confirm the affected software/component and the root cause (segmentation fault in the mjs_apply path). Publicly disclosed details des...
CVE-2021-46507
Jsish v3.5.0 was discovered to contain a stack overflow via JsiLogMsg at src/jsiUtils.c...
CVE-2021-46506
There is an Assertion 'v-d.lval != v' failed at src/jsiValue.c in Jsish v3.5.0...
CVE-2021-46501
Jsish v3.5.0 was discovered to contain a heap-use-after-free via SortSubCmd in src/jsiArray.c. This vulnerability can lead to a Denial of Service DoS...
CVE-2021-46492
Jsish v3.5.0 was discovered to contain a SEGV vulnerability via JsiFunctionInvoke at src/jsiFunc.c. This vulnerability can lead to a Denial of Service DoS...
CVE-2021-46492
CVE-2021-46492 affects Jsish v3.5.0. A SEGV vulnerability occurs via Jsi_FunctionInvoke in src/jsiFunc.c, enabling Denial of Service. Multiple connected entries reiterate the DoS impact for Jsish 3.5.0; no exploits, vectors, or fixes are detailed in the provided documents. Exploitation details ar...
CVE-2021-46491
CVE-2021-46491 affects Jsish v3.5.0 and describes a SEGV vulnerability triggered via Jsi_CommandPkgOpts in src/jsiCmds.c, leading to DoS. Multiple connected sources corroborate the vulnerability details. The available documents do not provide remediation steps or confirmed exploit details. If tru...