An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_print() in mjs.c.
5.5CVSS
5.5AI Score
0.001EPSS
An issue was discovered in mjs(mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is stack buffer overflow at 0x7fffe9049390.
5.5CVSS
5.8AI Score
0.002EPSS
An issue was discovered in mjs (mJS: Restricted JavaScript engine), ES6 (JavaScript version 6). There is NULL pointer dereference in mjs_bcode_part_get_by_offset() in mjs.c.
5.5CVSS
5.5AI Score
0.001EPSS
Buffer Overflow vulnerability in Cesanta mJS 1.26 allows remote attackers to cause a denial of service via crafted .js file to mjs_set_errorf.
5.5CVSS
5.5AI Score
0.001EPSS
There is an Assertion `i < parts_cnt' failed at src/mjs_bcode.c in Cesanta MJS v2.20.0.
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a stack overflow via snquote at mjs/src/mjs_json.c.
7.8CVSS
7.8AI Score
0.003EPSS
There is an Assertion `s < mjs->owned_strings.buf + mjs->owned_strings.len' failed at src/mjs_gc.c in Cesanta MJS v2.20.0.
5.5CVSS
5.4AI Score
0.003EPSS
There is an Assertion `m->len >= sizeof(v)' failed at src/mjs_core.c in Cesanta MJS v2.20.0.
5.5CVSS
5.5AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_apply at src/mjs_exec.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via mjs_mk_string at mjs/src/mjs_string.c.
7.8CVSS
7.8AI Score
0.003EPSS
There is an Assertion 'ppos != NULL && mjs_is_number(*ppos)' failed at src/mjs_core.c in Cesanta MJS v2.20.0.
5.5CVSS
5.5AI Score
0.003EPSS
There is an Assertion `mjs_stack_size(&mjs->scopes) >= scopes_len' failed at src/mjs_exec.c in Cesanta MJS v2.20.0.
5.5CVSS
5.5AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_stack_size at mjs/src/mjs_core.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
There is an Assertion `mjs_stack_size(&mjs->scopes) > 0' failed at src/mjs_exec.c in Cesanta MJS v2.20.0.
5.5CVSS
5.5AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_disown at src/mjs_core.c.
7.8CVSS
7.9AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_array_length at src/mjs_array.c.
7.8CVSS
7.9AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_jprintf at src/mjs_util.c.
7.8CVSS
7.9AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via c_vsnprintf at mjs/src/common/str_util.c.
7.8CVSS
7.8AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via /usr/lib/x86_64-linux-gnu/libasan.so.4+0xaff53.
7.8CVSS
7.9AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via to_json_or_debug at mjs/src/mjs_json.c.
7.8CVSS
7.9AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via snquote at mjs/src/mjs_json.c.
7.8CVSS
7.9AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a heap-use-after-free via mjs_apply at src/mjs_exec.c.
7.8CVSS
7.6AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a global buffer overflow via snquote at src/mjs_json.c.
7.8CVSS
7.8AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a heap buffer overflow via mjs_get_cstring at src/mjs_string.c.
7.8CVSS
7.9AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x5361e. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x8814e. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_execute at src/mjs_exec.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x8d28e. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via exec_expr at src/mjs_exec.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via getprop_builtin_foreign at src/mjs_exec.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0xe533e. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x9a30e. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via gc_compact_strings at src/mjs_gc.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x45a1f. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_get_mjs at src/mjs_builtin.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x2c6ae. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_print at src/mjs_builtin.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x18e810. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/lib/x86_64-linux-gnu/libasan.so.4+0x59e19. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /lib/x86_64-linux-gnu/libc.so.6+0x4b44b. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_next at src/mjs_object.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via /usr/local/bin/mjs+0x2c17e. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via add_lineno_map_item at src/mjs_bcode.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via parse_cval_type at src/mjs_ffi.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via free_json_frame at src/mjs_json.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_set_internal at src/mjs_object.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_json_stringify at src/mjs_json.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
Cesanta MJS v2.20.0 was discovered to contain a SEGV vulnerability via mjs_bcode_insert_offset at src/mjs_bcode.c. This vulnerability can lead to a Denial of Service (DoS).
5.5CVSS
5.4AI Score
0.003EPSS
This affects the package cesanta/mongoose before 7.6. The unsafe handling of file names during upload using mg_http_upload() method may enable attackers to write files to arbitrary locations outside the designated target folder.
9.8CVSS
7.5AI Score
0.003EPSS
Due to a failure in validating the length of a provided MQTT_CMD_PUBLISH parsed message with a variable length header, Cesanta Mongoose, an embeddable web server, version 7.10 is susceptible to a heap-based buffer overflow vulnerability in the default configuration. Version 7.9 and prior does not a...
8.8CVSS
8.7AI Score
0.0004EPSS