Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
matrixssl vulnerabilities and exploits
(subscribe to this query)
668
VMScore
CVE-2019-10914
pubRsaDecryptSignedElementExt in MatrixSSL 4.0.1 Open, as used in Inside Secure TLS Toolkit, has a stack-based buffer overflow during X.509 certificate verification because of missing validation in psRsaDecryptPubExt in crypto/pubkey/rsa_pub.c.
Matrixssl Matrixssl
383
VMScore
CVE-2016-6882
MatrixSSL prior to 3.8.7, when the DHE_RSA based cipher suite is supported, makes it easier for remote malicious users to obtain RSA private key information by conducting a Lenstra side-channel attack.
Matrixssl Matrixssl
445
VMScore
CVE-2016-6885
The pstm_exptmod function in MatrixSSL prior to 3.8.4 allows remote malicious users to cause a denial of service (invalid free and crash) via a base zero value for the modular exponentiation.
Matrixssl Matrixssl
383
VMScore
CVE-2016-6887
The pstm_exptmod function in MatrixSSL 3.8.6 and previous versions does not properly perform modular exponentiation, which might allow remote malicious users to predict the secret key via a CRT attack.
Matrixssl Matrixssl
890
VMScore
CVE-2016-6890
Heap-based buffer overflow in MatrixSSL prior to 3.8.6 allows remote malicious users to execute arbitrary code via a crafted Subject Alt Name in an X.509 certificate.
Matrixssl Matrixssl
445
VMScore
CVE-2016-6891
MatrixSSL prior to 3.8.6 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted ASN.1 Bit Field primitive in an X.509 certificate.
Matrixssl Matrixssl
445
VMScore
CVE-2016-6892
The x509FreeExtensions function in MatrixSSL prior to 3.8.6 allows remote malicious users to cause a denial of service (free of unallocated memory) via a crafted X.509 certificate.
Matrixssl Matrixssl
668
VMScore
CVE-2019-13470
MatrixSSL prior to 4.2.1 has an out-of-bounds read during ASN.1 handling.
Matrixssl Matrixssl
383
VMScore
CVE-2017-1000415
MatrixSSL version 3.7.2 has an incorrect UTCTime date range validation in its X.509 certificate validation process resulting in some certificates have their expiration (beginning) year extended (delayed) by 100 years.
Matrixssl Matrixssl 3.7.2
445
VMScore
CVE-2017-1000417
MatrixSSL version 3.7.2 adopts a collision-prone OID comparison logic resulting in possible spoofing of OIDs (e.g. in ExtKeyUsage extension) on X.509 certificates.
Matrixssl Matrixssl 3.7.2
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-29895
blind SQL injection
CVE-2024-5064
CVE-2023-52677
CVE-2023-52682
CVE-2024-30051
CVE-2024-35849
remote attackers
remote
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
NEXT »