Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
mcrypt mcrypt vulnerabilities and exploits
(subscribe to this query)
NA
CVE-2012-4409
Stack-based buffer overflow in the check_file_head function in extra.c in mcrypt 2.6.8 and previous versions allows user-assisted remote malicious users to execute arbitrary code via an encrypted file with a crafted header containing long salt data that is not properly handled du...
Mcrypt Mcrypt 2.6.5
Mcrypt Mcrypt 2.6.4
Mcrypt Mcrypt
Mcrypt Mcrypt 2.6.7
Mcrypt Mcrypt 2.6.6
2 EDB exploits
NA
CVE-2012-4426
Multiple format string vulnerabilities in mcrypt 2.6.8 and previous versions might allow user-assisted remote malicious users to cause a denial of service (crash) or possibly execute arbitrary code via vectors involving (1) errors.c or (2) mcrypt.c.
Mcrypt Mcrypt
Mcrypt Mcrypt 2.6.7
Mcrypt Mcrypt 2.6.6
Mcrypt Mcrypt 2.6.5
Mcrypt Mcrypt 2.6.4
NA
CVE-2012-4527
Stack-based buffer overflow in mcrypt 2.6.8 and previous versions allows user-assisted remote malicious users to cause a denial of service (crash) and possibly execute arbitrary code via a long file name. NOTE: it is not clear whether this is a vulnerability.
Mcrypt Mcrypt 2.6.4
Mcrypt Mcrypt 2.6.7
Mcrypt Mcrypt 2.6.5
Mcrypt Mcrypt
Mcrypt Mcrypt 2.6.6
NA
CVE-2003-0031
Multiple buffer overflows in libmcrypt prior to 2.5.5 allow malicious users to cause a denial of service (crash).
Mcrypt Libmcrypt 2.5.2
Mcrypt Libmcrypt 2.5.3
Mcrypt Libmcrypt 2.5.1 R4
Mcrypt Libmcrypt 2.5 .0
NA
CVE-2003-0032
Memory leak in libmcrypt prior to 2.5.5 allows malicious users to cause a denial of service (memory exhaustion) via a large number of requests to the application, which causes libmcrypt to dynamically load algorithms via libtool.
Mcrypt Libmcrypt 2.5.3
Mcrypt Libmcrypt 2.5 .0
Mcrypt Libmcrypt 2.5.1 R4
Mcrypt Libmcrypt 2.5.2
9.8
CVSSv3
CVE-2014-8686
CodeIgniter prior to 2.2.0 makes it easier for malicious users to decode session cookies by leveraging fallback to a custom XOR-based encryption scheme when the Mcrypt extension for PHP is not available.
Codeigniter Codeigniter
1 EDB exploit
2 Articles
NA
CVE-2014-5386
The mcrypt_create_iv function in hphp/runtime/ext/mcrypt/ext_mcrypt.cpp in Facebook HipHop Virtual Machine (HHVM) prior to 3.3.0 does not seed the random number generator, which makes it easier for remote malicious users to defeat cryptographic protection mechanisms by leveraging...
Facebook Hiphop Virtual Machine
NA
CVE-2007-2727
The mcrypt_create_iv function in ext/mcrypt/mcrypt.c in PHP prior to 4.4.7, 5.2.1, and possibly 5.0.x and other PHP 5 versions, calls php_rand_r with an uninitialized seed variable and therefore always generates the same initialization vector (IV), which might allow context-depen...
Php Php 4.3.9
Php Php 4.2.0
Php Php 4.1.0
Php Php 4.3.4
Php Php 4.0.4
Php Php 4.3.0
Php Php 4.0.5
Php Php 4.3.6
Php Php 4.0.7
Php Php 4.3.11
Php Php 4.3.2
Php Php 4.2.2
Php Php 4.0.3
Php Php 4.3.7
Php Php 4.0.6
Php Php 4.1.2
Php Php 4.0.1
Php Php 4.3.3
Php Php 4.1.1
Php Php 4.3.1
Php Php 4.3.10
Php Php 4.0.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
CVE-2006-4304
CVE-2023-26603
CVE-2024-28327
CVE-2023-50363
CVE-2024-21905
template injection
CVE-2024-3400
cross-site request forgery
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started