Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
wolfssl wolfssl vulnerabilities and exploits
(subscribe to this query)
4.3
CVSSv2
CVE-2021-45936
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttDecode_Disconnect (called from MqttClient_DecodePacket and MqttClient_WaitType).
Wolfssl Wolfmqtt 1.9
4.3
CVSSv2
CVE-2021-45937
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Connect).
Wolfssl Wolfmqtt 1.9
4.3
CVSSv2
CVE-2021-45938
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Unsubscribe).
Wolfssl Wolfmqtt 1.9
4.3
CVSSv2
CVE-2021-45939
wolfSSL wolfMQTT 1.9 has a heap-based buffer overflow in MqttClient_DecodePacket (called from MqttClient_WaitType and MqttClient_Subscribe).
Wolfssl Wolfmqtt 1.9
4.3
CVSSv2
CVE-2021-38597
wolfSSL prior to 4.8.1 incorrectly skips OCSP verification in certain situations of irrelevant response data that contains the NoCheck extension.
Wolfssl Wolfssl
7.5
CVSSv2
CVE-2021-37155
wolfSSL 4.6.x up to and including 4.7.x prior to 4.8.0 does not produce a failure outcome when the serial number in an OCSP request differs from the serial number in the OCSP response.
Wolfssl Wolfssl
1 Github repository
4
CVSSv2
CVE-2021-24116
In wolfSSL up to and including 4.6.0, a side-channel vulnerability in base64 PEM file decoding allows system-level (administrator) malicious users to obtain information about secret RSA keys via a controlled-channel and side-channel attack on software running in isolated environm...
Wolfssl Wolfssl
6.8
CVSSv2
CVE-2021-3336
DoTls13CertificateVerify in tls13.c in wolfSSL prior to 4.7.0 does not cease processing for certain anomalous peer behavior (sending an ED22519, ED448, ECC, or RSA signature without the corresponding certificate). The client side is affected because man-in-the-middle attackers ca...
Wolfssl Wolfssl
7 Github repositories
10
CVSSv2
CVE-2020-36177
RsaPad_PSS in wolfcrypt/src/rsa.c in wolfSSL prior to 4.6.0 has an out-of-bounds write for certain relationships between key size and digest size.
Wolfssl Wolfssl
4.9
CVSSv2
CVE-2020-24613
wolfSSL prior to 4.5.0 mishandles TLS 1.3 server data in the WAIT_CERT_CR state, within SanityCheckTls13MsgReceived() in tls13.c. This is an incorrect implementation of the TLS 1.3 client state machine. This allows attackers in a privileged network position to completely imperson...
Wolfssl Wolfssl
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
camera
bypass
CVE-2024-3592
CVE-2024-37383
CVE-2024-24919
CVE-2024-27822
CVE-2024-36788
CVE-2024-36789
man-in-the-middle
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
5
6
7
8
NEXT »