Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wolfssl wolfssl vulnerabilities and exploits
(subscribe to this query)
383
VMScore
CVE-2019-19960
In wolfSSL prior to 4.3.0, wc_ecc_mulmod_ex does not properly resist side-channel attacks.
Wolfssl Wolfssl
383
VMScore
CVE-2019-19963
An issue exists in wolfSSL prior to 4.3.0 in a non-default configuration where DSA is enabled. DSA signing uses the BEEA algorithm during modular inversion of the nonce, leading to a side-channel attack against the nonce.
Wolfssl Wolfssl
445
VMScore
CVE-2014-2904
wolfssl prior to 3.2.0 has a server certificate that is not properly authorized for server authentication.
Wolfssl Wolfssl
445
VMScore
CVE-2014-2901
wolfssl prior to 3.2.0 does not properly issue certificates for a server's hostname.
Wolfssl Wolfssl
445
VMScore
CVE-2014-2902
wolfssl prior to 3.2.0 does not properly authorize CA certificate for signing other certificates.
Wolfssl Wolfssl
383
VMScore
CVE-2014-2903
CyaSSL does not check the key usage extension in leaf certificates, which allows remote malicious users to spoof servers via a crafted server certificate not authorized for use in an SSL/TLS handshake.
Wolfssl Wolfssl
605
VMScore
CVE-2017-8854
wolfSSL prior to 3.10.2 has an out-of-bounds memory access with loading crafted DH parameters, aka a buffer overflow triggered by a malformed temporary DH file.
Wolfssl Wolfssl
446
VMScore
CVE-2015-6925
wolfSSL (formerly CyaSSL) prior to 3.6.8 allows remote malicious users to cause a denial of service (resource consumption or traffic amplification) via a crafted DTLS cookie in a ClientHello message.
Wolfssl Wolfssl
3 Github repositories
890
VMScore
CVE-2020-36177
RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL prior to 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.
Wolfssl Wolfssl
169
VMScore
CVE-2018-12436
wolfcrypt/src/ecc.c in wolfSSL prior to 3.15.1.patch allows a memory-cache side-channel attack on ECDSA signatures, aka the Return Of the Hidden Number Problem or ROHNP. To discover an ECDSA key, the attacker needs access to either the local machine or a different virtual machine...
Wolfssl Wolfssl
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
SSTI
CVE-2024-35863
CVE-2024-35910
man-in-the-middle
CVE-2024-35912
CVE-2024-25742
LFI
CVE-2024-32002
CVE-2024-22120
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
4
5
6
NEXT »