CVE-2024-42391

MEDIUM Year: 2024
CVSS v3 Score
5.3
Medium
Weakness Type
CWE-823
View all →

Vulnerability Description

Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space.

Related Vulnerabilities

CVE-2024-42387

MEDIUM
CVSS:5.3(Medium)

Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space...

CWE-8232024

CVE-2024-42388

MEDIUM
CVSS:5.3(Medium)

Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space...

CWE-8232024

CVE-2024-42389

MEDIUM
CVSS:5.3(Medium)

Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space...

CWE-8232024

CVE-2024-42390

MEDIUM
CVSS:5.3(Medium)

Use of Out-of-range Pointer Offset vulnerability in Cesanta Mongoose Web Server v7.14 allows an attacker to send an unexpected TLS packet and force the application to read unintended heap memory space...

CWE-8232024

CVE-2023-6560

MEDIUM
CVSS:5.5(Medium)

An out-of-bounds memory access flaw was found in the io_uring SQ/CQ rings functionality in the Linux kernel. This issue could allow a local user to crash the system.

CWE-8232023

CVE-2022-21147

MEDIUM
CVSS:5.0(Medium)

An out of bounds read vulnerability exists in the malware scan functionality of ESTsoft Alyac 2.5.7.7. A specially-crafted PE file can trigger this vulnerability to cause denial of service and termina...

CWE-8232022