CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0696
https://notcve.org/view.php?id=CVE-2025-0696
27 Jan 2025 — A NULL Pointer Dereference vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input. Una vulnerabilidad de desreferencia de puntero nulo en versiones de Cesanta Frozen anteriores a 1.7 permite a un atacante inducir un bloqueo del componente que integra la librería al suministrar un JSON manipulado maliciosamente como entrada. A NULL Pointer Dereference vulnerability in Cesanta Frozen ve... • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-0696 • CWE-476: NULL Pointer Dereference •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2025-0695
https://notcve.org/view.php?id=CVE-2025-0695
27 Jan 2025 — An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input. An Allocation of Resources Without Limits or Throttling vulnerability in Cesanta Frozen versions less than 1.7 allows an attacker to induce a crash of the component embedding the library by supplying a maliciously crafted JSON as input. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2025-0695 • CWE-770: Allocation of Resources Without Limits or Throttling •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42392 – Improper Neutralization of Delimiters in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42392
18 Nov 2024 — Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an infinite loop bug if the input string contains unexpected characters. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42392 • CWE-140: Improper Neutralization of Delimiters •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42391 – Use of Out-of-range Pointer Offset in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42391
18 Nov 2024 — Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42391 • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 5.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42390 – Use of Out-of-range Pointer Offset in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42390
18 Nov 2024 — Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42390 • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42389 – Use of Out-of-range Pointer Offset in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42389
18 Nov 2024 — Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42389 • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42388 – Use of Out-of-range Pointer Offset in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42388
18 Nov 2024 — Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42388 • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 5.3EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42387 – Use of Out-of-range Pointer Offset in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42387
18 Nov 2024 — Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42387 • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 8.5EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42386 – Use of Out-of-range Pointer Offset in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42386
18 Nov 2024 — Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and produce a segmentation fault on the application. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42386 • CWE-823: Use of Out-of-range Pointer Offset •
CVSS: 4.0EPSS: 0%CPEs: 1EXPL: 0CVE-2024-42385 – Improper Neutralization of Delimiters in Mongoose Web Server library
https://notcve.org/view.php?id=CVE-2024-42385
18 Nov 2024 — Improper Neutralization of Delimiters vulnerability in Cesanta Mongoose Web Server v7.14 allows to trigger an out-of-bound memory write if the PEM certificate contains unexpected characters. • https://www.nozominetworks.com/labs/vulnerability-advisories-cve-2024-42385 • CWE-140: Improper Neutralization of Delimiters •