Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matrixssl vulnerabilities and exploits
(subscribe to this query)
6.4
CVSSv2
CVE-2017-2782
An integer overflow vulnerability exists in the X509 certificate parsing functionality of InsideSecure MatrixSSL 3.8.7b. A specially crafted x509 certificate can cause a length counter to overflow, leading to a controlled out of bounds copy operation. To trigger this vulnerabilit...
Matrixssl Matrixssl 3.8.7b
4.3
CVSSv2
CVE-2017-1000415
MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have their expiration (beginning) year extended (delayed) by 100 years.
Matrixssl Matrixssl 3.7.2
5
CVSSv2
CVE-2017-1000417
MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.
Matrixssl Matrixssl 3.7.2
NA
CVE-2023-24609
Matrix SSL 4.x up to and including 4.6.0 and Rambus TLS Toolkit have a length-subtraction integer overflow for Client Hello Pre-Shared Key extension parsing in the TLS 1.3 server. An attacked device calculates an SHA-2 hash over at least 65 KB (in RAM). With a large number of cra...
Matrixssl Matrixssl
Rambus Tls Toolkit -
7.5
CVSSv2
CVE-2004-2681
PeerSec MatrixSSL prior to 1.1 caches session keys for an indefinitely long time, which might make it easier for remote malicious users to hijack a session.
Peersec Networks Matrixssl
5.8
CVSSv2
CVE-2004-2682
PeerSec MatrixSSL prior to 1.1 does not implement RSA blinding, which allows context-dependent malicious users to obtain the server's private key by determining factors using timing differences on (1) the number of extra reductions during Montgomery reduction, and (2) the us...
Peersec Networks Matrixssl
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
blind SQL injection
SSRF
buffer overflow
CVE-2023-28952
CVE-2023-41822
CVE-2024-27956
CVE-2023-7028
CVE-2024-34447
CVE-2024-34460
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3