Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matrixssl matrixssl vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2016-6882
MatrixSSL prior to 3.8.7, when the DHE_RSA based cipher suite is supported, makes it easier for remote malicious users to obtain RSA private key information by conducting a Lenstra side-channel attack.
Matrixssl Matrixssl
5
CVSSv2
CVE-2016-6885
The pstm_exptmod function in MatrixSSL prior to 3.8.4 allows remote malicious users to cause a denial of service (invalid free and crash) via a base zero value for the modular exponentiation.
Matrixssl Matrixssl
10
CVSSv2
CVE-2016-6890
Heap-based buffer overflow in MatrixSSL prior to 3.8.6 allows remote malicious users to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.
Matrixssl Matrixssl
4.3
CVSSv2
CVE-2016-6884
TLS cipher suites with CBC mode in TLS 1.1 and 1.2 in MatrixSSL prior to 3.8.3 allow remote malicious users to cause a denial of service (out-of-bounds read) via a crafted message.
Matrixssl Matrixssl
5
CVSSv2
CVE-2016-6886
The pstm_reverse function in MatrixSSL prior to 3.8.4 allows remote malicious users to cause a denial of service (invalid memory read and crash) via a (1) zero value or (2) the key's modulus for the secret key during RSA key exchange.
Matrixssl Matrixssl
4.3
CVSSv2
CVE-2016-6887
The pstm_exptmod function in MatrixSSL 3.8.6 and previous versions does not properly perform modular exponentiation, which might allow remote malicious users to predict the secret key via a CRT attack.
Matrixssl Matrixssl
5
CVSSv2
CVE-2016-6891
MatrixSSL prior to 3.8.6 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate.
Matrixssl Matrixssl
5
CVSSv2
CVE-2016-6892
The x509FreeExtensions function in MatrixSSL prior to 3.8.6 allows remote malicious users to cause a denial of service (free of unallocated memory) via a crafted X.509 certificate.
Matrixssl Matrixssl
NA
CVE-2022-46505
An issue in MatrixSSL 4.5.1-open and previous versions leads to failure to securely check the SessionID field, resulting in the misuse of an all-zero MasterSecret that can decrypt secret data.
Matrixssl Matrixssl
2 Github repositories
1.9
CVSSv2
CVE-2018-12439
MatrixSSL up to and including 3.9.5 Open allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine on the same...
Matrixssl Matrixssl
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
spoof
CVE-2024-34928
CVE-2024-5291
deserialization
CVE-2024-4471
CVE-2024-4956
CVE-2024-32002
CVE-2024-5227
unspecified
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »