Vulnerabilities (CVE)

Filtered by vendor Espruino Subscribe

Filtered by product Espruino

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 5 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2021-46324	1 Espruino	1 Espruino	2022-01-27	6.8 MEDIUM	7.8 HIGH
Espruino 2v11.251 was discovered to contain a stack buffer overflow via src/jsvar.c in jsvNewFromString.
CVE-2021-46325	1 Espruino	1 Espruino	2022-01-27	6.8 MEDIUM	7.8 HIGH
Espruino 2v10.246 was discovered to contain a stack buffer overflow via src/jsutils.c in vcbprintf.
CVE-2018-11593	1 Espruino	1 Espruino	2019-10-03	5.8 MEDIUM	7.1 HIGH
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and potential Information Disclosure with a user crafted input file via a Buffer Overflow during syntax parsing because strncpy is misused in jslex.c.
CVE-2018-11598	1 Espruino	1 Espruino	2018-06-08	5.8 MEDIUM	7.1 HIGH
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Information Disclosure with user crafted input files via a Buffer Overflow or Out-of-bounds Read during syntax parsing of certain for loops in jsparse.c.
CVE-2018-11595	1 Espruino	1 Espruino	2018-06-08	6.8 MEDIUM	7.8 HIGH
Espruino before 1.99 allows attackers to cause a denial of service (application crash) and a potential Escalation of Privileges with a user crafted input file via a Buffer Overflow during syntax parsing, because strncat is misused.