Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
cryptopp vulnerabilities and exploits
(subscribe to this query)
7.5
CVSSv3
CVE-2016-3995
The timing attack protection in Rijndael::Enc::ProcessAndXorBlock and Rijndael::Dec::ProcessAndXorBlock in Crypto++ (aka cryptopp) prior to 5.6.4 may be optimized out by the compiler, which allows malicious users to conduct timing attacks.
Cryptopp Crypto\\+\\+
7.5
CVSSv3
CVE-2016-7544
Crypto++ 5.6.4 incorrectly uses Microsoft's stack-based _malloca and _freea functions. The library will request a block of memory to align a table in memory. If the table is later reallocated, then the wrong pointer could be freed.
Cryptopp Crypto\\+\\+ 5.6.4
7.5
CVSSv3
CVE-2016-9939
Crypto++ (aka cryptopp and libcrypto++) 5.6.4 contained a bug in its ASN.1 BER decoding routine. The library will allocate a memory block based on the length field of the ASN.1 object. If there is not enough content octets in the ASN.1 object, then the function will fail and the ...
Cryptopp Crypto\\+\\+ 5.6.4
Debian Debian Linux 8.0
1 Github repository
5.9
CVSSv3
CVE-2016-7420
Crypto++ (aka cryptopp) up to and including 5.6.4 does not document the requirement for a compile-time NDEBUG definition disabling the many assert calls that are unintended in production use, which might allow context-dependent malicious users to obtain sensitive information by l...
Cryptopp Crypto\\+\\+
NA
CVE-2015-2141
The InvertibleRWFunction::CalculateInverse function in rw.cpp in libcrypt++ 5.6.2 does not properly blind private key operations for the Rabin-Williams digital signature algorithm, which allows remote malicious users to obtain private keys via a timing attack.
Cryptopp Crypto\\+\\+ Library 5.6.2
Opensuse Opensuse 13.1
Opensuse Opensuse 13.2
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2020-4463
CVE-2024-29895
inject
CVE-2023-52689
CVE-2024-5049
CVE-2024-5051
privilege escalation
physical
CVE-2023-52676
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2