Vulmon
Recent Vulnerabilities
Product List
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
polarssl polarssl vulnerabilities and exploits
(subscribe to this query)
6.8
CVSSv2
CVE-2013-5914
Buffer overflow in the ssl_read_record function in ssl_tls.c in PolarSSL prior to 1.1.8, when using TLS 1.1, might allow remote malicious users to execute arbitrary code via a long packet.
Polarssl Polarssl 1.0.0
Polarssl Polarssl 1.1.3
Polarssl Polarssl 1.1.4
Polarssl Polarssl 1.1.6
Polarssl Polarssl 1.1.1
Polarssl Polarssl 1.1.2
Polarssl Polarssl 1.1.0
Polarssl Polarssl 1.1.5
Polarssl Polarssl
5.8
CVSSv2
CVE-2012-2130
A Security Bypass vulnerability exists in PolarSSL 0.99pre4 up to and including 1.1.1 due to a weak encryption error when generating Diffie-Hellman values and RSA keys.
Polarssl Polarssl 0.99
Polarssl Polarssl
Debian Debian Linux 8.0
Fedoraproject Fedora 17
5.8
CVSSv2
CVE-2009-3555
The TLS protocol, and the SSL protocol 3.0 and possibly earlier, as used in Microsoft Internet Information Services (IIS) 7.0, mod_ssl in the Apache HTTP Server 2.2.14 and previous versions, OpenSSL prior to 0.9.8l, GnuTLS 2.8.5 and previous versions, Mozilla Network Security Ser...
Openssl Openssl 1.0
Apache Http Server
Openssl Openssl
Gnu Gnutls
Mozilla Nss
Debian Debian Linux 5.0
Canonical Ubuntu Linux 10.10
Fedoraproject Fedora 11
Fedoraproject Fedora 13
Debian Debian Linux 4.0
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Canonical Ubuntu Linux 9.04
Debian Debian Linux 6.0
Fedoraproject Fedora 12
Canonical Ubuntu Linux 8.04
Canonical Ubuntu Linux 10.04
Canonical Ubuntu Linux 8.10
Canonical Ubuntu Linux 9.10
Fedoraproject Fedora 14
F5 Nginx
2 EDB exploits
10 Github repositories
5
CVSSv2
CVE-2014-8627
PolarSSL 1.3.8 does not properly negotiate the signature algorithm to use, which allows remote malicious users to conduct downgrade attacks via unspecified vectors.
Polarssl Polarssl 1.3.8
5
CVSSv2
CVE-2014-4911
The ssl_decrypt_buf function in library/ssl_tls.c in PolarSSL prior to 1.2.11 and 1.3.x prior to 1.3.8 allows remote malicious users to cause a denial of service (crash) via vectors related to the GCM ciphersuites, as demonstrated using the Codenomicon Defensics toolkit.
Polarssl Polarssl 1.3.1
Polarssl Polarssl 1.3.4
Polarssl Polarssl 1.3.0
Polarssl Polarssl 1.3.2
Polarssl Polarssl 1.3.6
Polarssl Polarssl 1.3.7
Polarssl Polarssl 1.3.3
Polarssl Polarssl 1.3.5
Polarssl Polarssl 1.2.4
Polarssl Polarssl 1.2.6
Polarssl Polarssl 1.2.9
Polarssl Polarssl
Polarssl Polarssl 1.2.2
Polarssl Polarssl 1.2.3
Polarssl Polarssl 1.2.0
Polarssl Polarssl 1.2.1
Polarssl Polarssl 1.2.7
Polarssl Polarssl 1.2.5
Polarssl Polarssl 1.2.8
Debian Debian Linux 8.0
Debian Debian Linux 7.0
Debian Debian Linux 6.0
5
CVSSv2
CVE-2014-0160
The (1) TLS and (2) DTLS implementations in OpenSSL 1.0.1 prior to 1.0.1g do not properly handle Heartbeat Extension packets, which allows remote malicious users to obtain sensitive information from process memory via crafted packets that trigger a buffer over-read, as demonstrat...
Openssl Openssl
Filezilla-project Filezilla Server
Siemens Application Processing Engine Firmware 2.0
Siemens Cp 1543-1 Firmware 1.1
Siemens Simatic S7-1500 Firmware 1.5
Siemens Simatic S7-1500t Firmware 1.5
Siemens Elan-8.2
Siemens Wincc Open Architecture 3.12
Intellian V100 Firmware 1.20
Intellian V100 Firmware 1.21
Intellian V100 Firmware 1.24
Intellian V60 Firmware 1.15
Intellian V60 Firmware 1.25
Mitel Micollab 6.0
Mitel Micollab 7.0
Mitel Micollab 7.1
Mitel Micollab 7.2
Mitel Micollab 7.3.0.104
Mitel Micollab 7.3
Mitel Mivoice 1.1.3.3
Mitel Mivoice 1.2.0.11
Mitel Mivoice 1.3.2.2
4 EDB exploits
2 Nmap scripts
310 Github repositories
4 Articles
4.3
CVSSv2
CVE-2013-5915
The RSA-CRT implementation in PolarSSL prior to 1.2.9 does not properly perform Montgomery multiplication, which might allow remote malicious users to conduct a timing side-channel attack and retrieve RSA private keys.
Polarssl Polarssl 1.2.4
Polarssl Polarssl 0.14.2
Polarssl Polarssl 1.2.6
Polarssl Polarssl 0.11.0
Polarssl Polarssl 1.0.0
Polarssl Polarssl 0.13.1
Polarssl Polarssl 1.1.3
Polarssl Polarssl 0.12.1
Polarssl Polarssl 0.99
Polarssl Polarssl 0.11.1
Polarssl Polarssl 1.1.4
Polarssl Polarssl 1.2.2
Polarssl Polarssl 1.1.8
Polarssl Polarssl 0.14.0
Polarssl Polarssl 1.1.6
Polarssl Polarssl 1.2.3
Polarssl Polarssl 1.1.1
Polarssl Polarssl 1.2.0
Polarssl Polarssl 1.2.1
Polarssl Polarssl
Polarssl Polarssl 1.1.2
Polarssl Polarssl 0.14.3
4.3
CVSSv2
CVE-2013-4623
The x509parse_crt function in x509.h in PolarSSL 1.1.x prior to 1.1.7 and 1.2.x prior to 1.2.8 does not properly parse certificate messages during the SSL/TLS handshake, which allows remote malicious users to cause a denial of service (infinite loop and CPU consumption) via a cer...
Polarssl Polarssl 1.2.4
Polarssl Polarssl 1.2.6
Polarssl Polarssl 1.1.3
Polarssl Polarssl 1.1.4
Polarssl Polarssl 1.2.2
Polarssl Polarssl 1.1.6
Polarssl Polarssl 1.2.3
Polarssl Polarssl 1.1.1
Polarssl Polarssl 1.2.0
Polarssl Polarssl 1.2.1
Polarssl Polarssl 1.1.2
Polarssl Polarssl 1.2.7
Polarssl Polarssl 1.2.5
Polarssl Polarssl 1.1.0
Polarssl Polarssl 1.1.5
4.3
CVSSv2
CVE-2013-1621
Array index error in the SSL module in PolarSSL prior to 1.2.5 might allow remote malicious users to cause a denial of service via vectors involving a crafted padding-length value during validation of CBC padding in a TLS session, a different vulnerability than CVE-2013-0169.
Polarssl Polarssl
Polarssl Polarssl 0.14.2
Polarssl Polarssl 0.11.0
Polarssl Polarssl 1.0.0
Polarssl Polarssl 0.13.1
Polarssl Polarssl 1.1.3
Polarssl Polarssl 0.12.1
Polarssl Polarssl 0.99
Polarssl Polarssl 0.11.1
Polarssl Polarssl 1.1.4
Polarssl Polarssl 1.2.2
Polarssl Polarssl 0.14.0
Polarssl Polarssl 1.2.3
Polarssl Polarssl 1.1.1
Polarssl Polarssl 1.2.0
Polarssl Polarssl 1.2.1
Polarssl Polarssl 1.1.2
Polarssl Polarssl 0.14.3
Polarssl Polarssl 1.1.0
Polarssl Polarssl 1.1.5
Polarssl Polarssl 0.10.1
Polarssl Polarssl 0.12.0
4
CVSSv2
CVE-2011-1923
The Diffie-Hellman key-exchange implementation in dhm.c in PolarSSL prior to 0.14.2 does not properly validate a public parameter, which makes it easier for man-in-the-middle malicious users to obtain the shared secret key by modifying network traffic, a related issue to CVE-2011...
Polarssl Polarssl 0.11.0
Polarssl Polarssl 0.13.1
Polarssl Polarssl 0.12.1
Polarssl Polarssl
Polarssl Polarssl 0.11.1
Polarssl Polarssl 0.10.1
Polarssl Polarssl 0.12.0
Polarssl Polarssl 0.10.0
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
SSRF
server-side request forgery
CVE-2024-30067
CVE-2024-5553
CVE-2024-30095
IDOR
CVE-2024-35252
CVE-2024-23692
CVE-2024-27801
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »